- Hackers have been targeted at WhatsApp users on iOS and MAC
- Threat actors abused a new error that activated zero-click attack
- Meta apparently sent less than 200 cyberattack -warning messages
WhatsApp has patched a vulnerability with high difficulty in its iOS and Mac applications, which were apparently used in zero-click attacks against a handful of high-profile individuals.
In a security advice, the company said it fixed CVE-2025-55177, an “incomplete permit of associated unit synchronization messages in WhatsApp” errors, which “could have enabled a non-related user to trigger the processing of content from any URL on a target unit.”
This error was allegedly tied with a separate error determined earlier in August, the track as CVE-2025-43300. These two were used “in a sophisticated attack on specific targeted users.”
Targeting high -profile individuals
Leader of Amnesty International’s Security Laboratory, Donncha Ó Cearbhaill, said at X that an “advanced spyware campaign” has been active since the end of May 2025, targeted Apple users with a “zero-click” attack that does not require interaction from the victim, Techcrunch reported.
The same source published a copy of the Data Breach Notification Letter WhatsApp sent to affected persons, where it was said that their device and the data it contains (including messages) were probably compromised.
At the time of the press, no threat actors assumed responsibility for this attack, and the researchers were not yet able to attribute it to anyone.
Meta spokesman Margarita Franklin said, however, told Techcrunch The company had sent “less than 200” messages.
This can mean that the attacks were very targeted, possibly to maximize its effectiveness and not draw too much attention from the cyber security community.
Zero-click attacks are few and far apart, and when they show up, they are usually abused by nation states in espionage campaigns against politicians and diplomats, journalists, dissidents, government agents, military and defense staff and the like.
At the end of April 2025, researchers found Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) that carry several vulnerabilities that could have been abused to run Remote Code Execution (RCE) attacks, man-in-the-middle (mitm) attack or denial of service (dos) attacks. Some of these vulnerabilities could also have been used in zero-click attacks.
Via Techcrunch
