A sophisticated cyberattack has been uncovered, revealing a zero-day vulnerability in WhatsApp affecting Apple devices. This flaw, identified as CVE-2025-55177, was exploited alongside another vulnerability in Apple’s operating systems, allowing attackers to access user devices and extract sensitive data.
WhatsApp has responded by releasing a patch to fix the vulnerability and has begun notifying users who may have been targeted in the past three months. Affected users are urged to take immediate action to protect their devices.
The attack used a two-step approach to infiltrate devices, beginning with a breach via WhatsApp on iOS and macOS. The WhatsApp vulnerability involved the handling of linked device synchronization messages, enabling attackers to process content from any URL on a victim’s device. Impacted versions include WhatsApp for iOS, WhatsApp Business for iOS, and WhatsApp for Mac, all prior to specific versions.
In tandem, a flaw in Apple’s iOS, iPadOS, and macOS, tracked as CVE-2025-43300, was exploited. This out-of-bounds write issue in the ImageIO framework allowed memory corruption through malicious image files, posing a sophisticated threat to specific individuals.
WhatsApp’s security team quickly addressed the issue, preventing further attacks on its platform. Notifications to users included warnings about potential unauthorized access to device data. WhatsApp advised users to update their operating systems and applications to the latest versions and recommended a full device factory reset for those targeted.
This incident underscores the increasing trend of mercenary spyware campaigns targeting high-profile individuals, using popular communication platforms as attack vectors.
