- Pirates have targeted WhatsApp on iOS and Mac users
- Threat actors abused a new bug that allowed zero attacks click
- Meta apparently sent less than 200 cyber attacks
WhatsApp has corrected high severity vulnerability in its iOS and Mac applications, which was used in zero-click attacks against a handful of high-level individuals.
In a security notice, the company said it has corrected the CVE-2025-55177 CVE-2025-55177, an “incomplete authorization from the synchronization messages of the device linked in WhatsApp” which, “could have allowed an unrelated user to trigger the treatment of content from an arbitrariness on the device of an target”.
This bug would have been chained with a separate flaw, corrected earlier in August, followed as CVE-2025-43300. These two were used “in a sophisticated attack against specific targeted users”.
Targeting high -level individuals
The chief of the Amnesty International security laboratory, DONNCHA รณ Cearbhaill, said on X that an “advanced spy software campaign” has been active since the end of May 2025, targeting Apple users with a “zero click” attack which does not require any interaction of the victim, Techcrunch reported.
The same source has published a copy of the letter of data violation letter sent by WhatsApp to the individuals concerned, in which their device and the data it contains (including messages) have probably been compromised.
At the time of the press, no threat actor has assumed the responsibility of this attack, and the researchers have not yet been able to attribute it to anyone.
However, Meta Margarita Franklin spokesperson said Techcrunch The company had sent notifications “less than 200”.
This could mean that the attacks were very targeted, perhaps to maximize its effectiveness and not to attract the attention of the cybersecurity community too much.
Zero attacks click little and distant, and when they appear, they are generally mistreated by nation states in spy campaigns against politicians and diplomats, journalists, dissidents, government agents, military and defense staff, and similar.
At the end of April 2025, the researchers found the Airplay protocol and the Apple Airplay software development kit (SDK) with many vulnerabilities that could have been mistreated to execute remote code execution attacks (RCE), service attacks (MITM) (MITM) or service attacks (back). Some of these vulnerabilities could also have been used in zero-click attacks.
Via Techcrunch
