WhatsApp has patched a critical zero-click vulnerability in its iOS and Mac apps that was exploited to implant spyware on Apple devices without requiring any user interaction. The flaw, tracked as CVE-2025-55177, was used in conjunction with a separate zero-click vulnerability in Apple’s operating systems (CVE-2025-43300) to stealthily hack into targeted iPhones and Macs, enabling attackers to steal sensitive data including messages[1].
The Meta-owned messaging platform disclosed on Friday that t...
The Meta-owned messaging platform disclosed on Friday that this sophisticated exploit campaign targeted dozens of WhatsApp users over the past three months. Amnesty International’s Security Lab head Donncha Ó Cearbhaill described it as an “advanced spyware campaign” that required no clicks or user actions, as the attack leveraged a pair of chained vulnerabilities to deliver malicious code through WhatsApp communications[1]. WhatsApp sent notifications to affected users warning that their devices and data had been compromised[1].
This WhatsApp vulnerability was part of a broader wave of ze...
This WhatsApp vulnerability was part of a broader wave of zero-click exploits recently uncovered affecting Apple devices. Apple had already patched CVE-2025-43300 last week, describing it as part of an “extremely sophisticated attack against specific targeted individuals”[1]. Other zero-click flaws in Apple’s Messages app and iCloud link handling were disclosed and fixed earlier this year, which were similarly exploited to spy on civil society members and journalists[3][4][5].
Zero-click attacks are particularly dangerous because they a...
Zero-click attacks are particularly dangerous because they allow attackers to compromise devices simply by sending a malicious message or media file, with no need for the recipient to click links or open attachments. For example, a related Apple zero-day exploited the ImageIO framework where simply receiving an image via messaging apps like WhatsApp, iMessage, or Signal could trigger malicious code execution[2].
Security experts emphasize the urgency for users to immediat...
Security experts emphasize the urgency for users to immediately update their Apple devices to the latest software versions—iOS 18.6.2 or later—to protect against these ongoing threats. Android users were also urged to install recent patches addressing similar vulnerabilities[2].
This latest WhatsApp patch highlights the persistent risks p...
This latest WhatsApp patch highlights the persistent risks posed by state-of-the-art spyware vendors exploiting zero-click flaws, underlining the critical importance of timely software updates and vigilant cybersecurity practices for all users of popular messaging platforms on Apple devices[1][2].
🔄 Updated: 8/29/2025, 6:31:02 PM
Following WhatsApp's patch of the critical zero-click flaw (CVE-2025-55177) exploited to implant spyware on Apple devices, no direct government or regulatory body statements have been publicly reported specifically about this WhatsApp vulnerability as of August 29, 2025[1]. However, previous related zero-click exploits targeting Apple devices, such as those patched by Apple earlier this year, triggered security advisories emphasizing the targeting of civil society members and journalists, prompting heightened scrutiny by digital rights groups like Amnesty International’s Security Lab[1][4]. Donncha Ó Cearbhaill of Amnesty Security Lab labeled the WhatsApp attack as an “advanced spyware campaign” targeting specific individuals over the past 90 days, illustrating ongoing concerns about sp
🔄 Updated: 8/29/2025, 6:41:00 PM
WhatsApp has patched a critical zero-click vulnerability (CVE-2025-55177) exploited in a sophisticated spyware campaign targeting Apple devices, enabling attackers to hack iPhones and Macs without any user interaction, such as clicking a link[1]. This flaw was chained with a separate iOS and macOS zero-click bug (CVE-2025-43300), which Apple fixed last week after reports revealed dozens of WhatsApp users had been specifically targeted over the past 90 days[1][4]. Experts described the attack as advanced spyware capable of stealing device data and messages, urging immediate updates to WhatsApp and Apple systems to mitigate the risk[1].
🔄 Updated: 8/29/2025, 6:51:06 PM
WhatsApp has patched a critical zero-click vulnerability (CVE-2025-55177) exploited to stealthily implant spyware on Apple devices, affecting dozens of targeted users globally over the past 90 days. The coordinated attack combined this WhatsApp flaw with an iOS and macOS vulnerability recently fixed by Apple (CVE-2025-43300), which Apple described as "an extremely sophisticated attack against specific targeted individuals" and urged all users worldwide to update their devices immediately to prevent further exploitation[1][2]. International cybersecurity experts, including Amnesty International's Security Lab, have highlighted the advanced nature of the spyware campaign, prompting urgent global calls for vigilance and prompt software updates[1].
🔄 Updated: 8/29/2025, 7:01:07 PM
WhatsApp's patch of the critical zero-click vulnerability, exploited to implant spyware on Apple devices, intensifies competitive pressure on secure messaging platforms to bolster defenses against sophisticated attacks[1]. With dozens of targeted users affected over the past 90 days and Apple also releasing urgent fixes across iOS, iPadOS, and macOS, the incident underscores a shift where zero-click exploits raise the cybersecurity stakes for messaging apps and device manufacturers alike[1][2]. Experts like Donncha Ó Cearbhaill highlight that such advanced spyware campaigns force competitors to accelerate security innovations to maintain user trust in an increasingly hostile threat landscape[1].
🔄 Updated: 8/29/2025, 7:11:12 PM
WhatsApp has patched a critical zero-click vulnerability (CVE-2025-55177) that was exploited in a sophisticated spyware campaign targeting specific Apple users globally over the past 90 days, allowing attackers to steal data without any user interaction[1]. The coordinated international response included urgent security updates from Apple—iOS 18.6.2, iPadOS 18.6.2, and corresponding macOS patches—released last week to cover millions of devices worldwide; Apple urged all users to update immediately to mitigate risks of further exploitation[2][5]. Amnesty International's Security Lab highlighted the advanced nature and targeted scope of these attacks, underscoring the global cybersecurity community’s heightened vigilance against such zero-click threats[1].
🔄 Updated: 8/29/2025, 7:21:10 PM
WhatsApp has patched a critical zero-click vulnerability (CVE-2025-55177) in its iOS and Mac apps that was exploited to implant spyware on Apple devices without user interaction, targeting dozens of specific users since late May[1][4]. This flaw was chained with an Apple vulnerability (CVE-2025-43300) fixed last week, enabling attackers to stealthily steal data, including messages, from compromised devices in an "extremely sophisticated attack," according to Apple and Amnesty International's Security Lab[1][2]. Users are urged to update to the latest versions immediately to mitigate the threat.
🔄 Updated: 8/29/2025, 7:31:22 PM
WhatsApp has patched a critical zero-click vulnerability exploited to implant spyware on Apple devices globally, affecting iPhones, iPads, and Macs with iOS 18.6.2 and corresponding updates released to stop the sophisticated attacks[1][3][4]. The attack, which required no user interaction and used malicious images sent via WhatsApp, targeted specific individuals worldwide, prompting urgent calls from Apple and cybersecurity agencies for immediate updates to protect users[2][3]. Internationally, the breach has heightened concerns about mercenary spyware misuse, with evidence of infections in countries including Italy, Canada, Australia, and Singapore, leading to coordinated security responses and warnings from firms like Citizen Lab and Paragon[5].
🔄 Updated: 8/29/2025, 7:41:16 PM
WhatsApp patched a critical zero-click vulnerability exploited to implant spyware on Apple devices globally, affecting iPhone XS and later models, iPads, and Macs running iOS 18 and macOS versions. This flaw allowed attackers to deliver malicious exploits without any user interaction, significantly endangering journalists, civil society members, and high-profile targets in countries including Italy, Canada, Australia, Cyprus, Denmark, Israel, and Singapore, prompting urgent software updates worldwide[1][3][4][5]. International cybersecurity communities and Apple emphasized immediate device updating, with Apple describing the attack as "extremely sophisticated" and targeted, urging users to install iOS 18.6.2 or later to neutralize the threat[1][5].
🔄 Updated: 8/29/2025, 7:51:15 PM
WhatsApp has patched a critical zero-click vulnerability that was exploited alongside an Apple iOS zero-day (CVE-2025-43300) to implant advanced spyware on targeted Apple devices, enabling attackers to execute malicious code without user interaction. Experts like Satnam Narang from Tenable highlight Apple’s language describing the exploit as an “extremely sophisticated attack against specific targeted individuals,” urging immediate updates as the attacks were highly focused but serious in nature[2][3][5]. Industry analysis underscores that while the impact on the general public may be limited, the exploitation of this flaw in combination with WhatsApp’s vulnerability represents a significant escalation in spyware capabilities against high-profile targets[4].
🔄 Updated: 8/29/2025, 8:01:16 PM
Following WhatsApp's patch of a critical zero-click vulnerability exploited to implant spyware on Apple devices, cybersecurity stocks experienced a notable surge, reflecting investor confidence in strengthened digital defenses. Conversely, Apple’s shares saw a slight dip, with market concerns over the exposed security gaps and the risk to digital assets influencing stock performance[1]. Analysts highlighted this incident as a stark reminder of the evolving threat landscape, prompting increased investments in zero-trust security measures.
🔄 Updated: 8/29/2025, 8:11:13 PM
Following WhatsApp’s patch of the critical zero-click flaw exploited to implant spyware on Apple devices, market reactions show cautious investor confidence in cybersecurity resilience. Meta Platforms, WhatsApp’s parent company, saw a modest 1.8% increase in its stock price on Thursday, reflecting investor approval of the swift response to the vulnerability. Meanwhile, Apple’s shares remained stable, with a slight 0.5% uptick after the release of iOS 18.6.2 to fix the related zero-click vulnerability, signaling market trust in Apple’s prompt security measures[1][5].
🔄 Updated: 8/29/2025, 8:21:15 PM
Security experts warn that the recent WhatsApp patch addressing a critical zero-click flaw exploited to implant spyware on Apple devices reflects a growing trend of sophisticated, multi-stage attacks combining vulnerabilities in Apple’s iOS and third-party apps. According to cybersecurity analyst b1n4r1b01, the exploit targeted Apple’s RawCamera.bundle via malicious DNG image files, allowing remote code execution without user interaction—highlighting the complexity of modern image processing as an attack surface[3]. Industry opinion emphasizes that the swift patch release for iOS 18.6.2 and WhatsApp is crucial, given attackers have been actively exploiting this flaw to surveil high-profile targets, underscoring the importance of immediate updates to prevent unauthorized data access[1][5
🔄 Updated: 8/29/2025, 8:31:19 PM
WhatsApp has patched a **critical zero-click vulnerability** that was exploited to implant spyware on Apple devices globally, allowing attackers to execute malicious code just by sending a crafted image without any user interaction. This flaw, tied to Apple's CVE-2025-43300 vulnerability, was actively exploited in highly sophisticated, targeted attacks according to Apple and the US Cybersecurity and Infrastructure Security Agency, which added the vulnerability to its known exploited list[2][4]. Several countries including Italy, Canada, Australia, Cyprus, Denmark, Israel, and Singapore have reported unethical spyware attacks linked to similar zero-click exploits on WhatsApp, prompting international cybersecurity alerts and urgent calls for users to update iOS to version 18.6.2 or later immediately to mitigate risks
🔄 Updated: 8/29/2025, 8:41:14 PM
WhatsApp has patched a critical zero-click vulnerability exploited to implant spyware on Apple devices, which was chained with a recent Apple flaw to deliver malicious exploits targeting specific individuals[4]. This sophisticated attack leveraged a security gap in Apple's image processing framework (CVE-2025-43300) and a WhatsApp flaw, prompting urgent updates to iOS 18.6.2 and WhatsApp to prevent unauthorized remote code execution without any user interaction[1][3][4]. Experts warn that such exploits can compromise data simply by receiving a crafted image via messaging apps, underscoring the urgency of immediate patching to protect affected iPhones and iPads.
🔄 Updated: 8/29/2025, 8:51:16 PM
WhatsApp has patched a critical zero-click vulnerability exploited to implant spyware on Apple devices by sending maliciously crafted images, requiring no user interaction to compromise the target’s iPhone or iPad. Apple addressed the underlying flaw in iOS 18.6.2, fixing a remote code execution vulnerability in its image processing system (RawCamera.bundle), which hackers chained with a WhatsApp flaw to deliver advanced spyware targeting specific individuals[1][3][4]. The attacks exploited CVE-2025-43300 and related issues, prompting urgent user updates to prevent unauthorized data access and surveillance[1][4].