WhatsApp has fixed a major security vulnerability that was being actively exploited to hack into the iPhones and Macs of certain targeted users. The flaw, tracked as CVE-2025-55177, was patched in WhatsApp’s iOS and macOS apps, and it comes just days after Apple fixed a related bug, CVE-2025-43300, in its own software with iOS 18.6.2 and macOS 15.6.1.

First reported by TechCrunch, the vulnerability was part of a “zero-click” attack — the kind of spyware exploit that doesn’t require you to click anything to get infected. Simply put: your phone or Mac could be compromised without you doing a thing.

A Sophisticated Spyware Campaign

According to Amnesty International’s Security Lab, the flaw was chained with Apple’s own bug to deliver spyware capable of stealing sensitive data from devices. Over the past 90 days, dozens of WhatsApp users were targeted, receiving threat notifications that their devices — and even their private messages — may have been compromised.

Meta confirmed to TechCrunch that fewer than 200 users were directly notified. The company patched the bug “a few weeks ago,” but didn’t say who was behind the attacks or whether a commercial spyware vendor was involved.

Not WhatsApp’s First Brush With Spyware

Unfortunately, this isn’t the first time WhatsApp has been caught in the crosshairs of spyware operators:

  • In 2019, spyware maker NSO Group used a WhatsApp exploit to plant Pegasus on over 1,400 devices. A U.S. court later ordered NSO to pay WhatsApp $167 million in damages.
  • Earlier this year, WhatsApp disrupted another campaign targeting around 90 users in Italy. That one was linked to spyware from Paragon, which later cut off Italy from its tools due to government misuse.

What You Should Do

If you use WhatsApp on iPhone or Mac, the advice is simple:

  • Update WhatsApp immediately from the App Store.
  • Make sure your device is running the latest version of iOS or macOS.
  • Keep an eye out for security notifications from Apple or WhatsApp.

These “zero-click” exploits are rare, expensive, and usually reserved for targeting journalists, activists, and high-profile individuals — but staying updated is your best defense.

Final Take

This episode is another reminder that even the most locked-down platforms like iOS aren’t immune to spyware. While WhatsApp moved quickly to patch, it’s a cat-and-mouse game with surveillance vendors. If nothing else, it underscores the importance of updates — and how privacy battles are fought quietly in the background every day.

Categorized in:

Apple, iPad, iPhone, Mac, Meta,

Last Update: August 31, 2025

Tagged in:

, , , , ,