A complicated assault marketing campaign has leveraged a beforehand unknown zero-day vulnerability in WhatsApp on Apple units to focus on particular customers, the corporate has confirmed.
The vulnerability, now recognized as CVE-2025-55177, was mixed with a separate vulnerability in Apple’s working techniques to compromise units and entry consumer knowledge.
WhatsApp has since patched the vulnerability and has been sending risk notifications to people it believes had been focused by the superior spy ware marketing campaign inside the final 90 days. The corporate is urging affected customers to take fast motion to safe their units.
A Two-Pronged Assault
The assault exploited a sequence of vulnerabilities to realize entry to focus on units. The preliminary entry level was by way of WhatsApp on iOS and macOS.
The WhatsApp Vulnerability (CVE-2025-55177): This vulnerability existed in the best way WhatsApp dealt with linked system synchronization messages. In response to a safety advisory from WhatsApp, the flaw might permit an attacker to set off the processing of content material from an arbitrary URL on a goal’s system.
This affected WhatsApp for iOS variations earlier than v2.25.21.73, WhatsApp Enterprise for iOS earlier than v2.25.21.78, and WhatsApp for Mac earlier than v2.25.21.78.
ProductAffected VersionsWhatsApp for iOSVersions previous to v2.25.21.73WhatsApp Enterprise for iOSVersions previous to v2.25.21.78WhatsApp for MacVersions previous to v2.25.21.78
The Apple OS Vulnerability (CVE-2025-43300): This WhatsApp vulnerability was used along side a zero-day flaw inside Apple’s iOS, iPadOS, and macOS. Tracked as CVE-2025-43300, this bug was an out-of-bounds write subject within the ImageIO framework.
Apple acknowledged that processing a malicious picture file might result in reminiscence corruption, and confirmed that the difficulty “could have been exploited in a particularly refined assault towards particular focused people”. The U.S. Cybersecurity and Infrastructure Safety Company (CISA) has added this vulnerability to its catalog of recognized exploited threats.
WhatsApp’s Response
Inner researchers on the WhatsApp Safety Workforce found the vulnerability. In response, the corporate has deployed a patch to stop the assault from occurring by way of its platform.
Notifications despatched to focused customers warned {that a} malicious message could have been used to compromise their system and the information it accommodates, together with messages.
In a message to affected customers, the corporate acknowledged, “We’ve made modifications to stop this particular assault from occurring by way of WhatsApp. Nonetheless, your system’s working system might stay compromised by the malware or be focused in different methods.”
Notification to Customers
Because of the refined nature of the spy ware, WhatsApp is recommending that focused people carry out a full system manufacturing facility reset.
The corporate additionally strongly urges all customers to maintain their units up to date to the most recent model of their working system and to make sure their WhatsApp utility is updated.
Notification to Customers
This incident is the most recent instance of mercenary spy ware campaigns focusing on high-profile people, together with journalists and civil society members, by way of well-liked communication platforms.
Discover this Story Fascinating! Observe us on LinkedIn and X to Get Extra Immediate Updates.
