Urgent security updates have been released by WhatsApp and Apple to address severe vulnerabilities. The key issue involved Zero-Click vulnerabilities, meaning hackers could infiltrate devices without requiring the user to click any links or open any files. The promptness of the updates from both companies is crucial for user protection.
WhatsApp Security Advisory
WhatsApp’s advisory detailed the CVE-2025-43300 bug, which was potentially exploited in sophisticated attacks against select users. The vulnerability affected multiple versions of WhatsApp across iOS, including WhatsApp Business, and Mac platforms. The bug has been fixed, and affected users were notified, according to Meta.
Apple’s Security Patch
Apple released a patch to resolve the CVE-2025-55177 vulnerability, which could lead to memory corruption when processing a malicious image file. This flaw was exploited in high-level spyware attacks, targeting iPhone users.
Background of the Security Issues
Investigations revealed that the attacks are part of an advanced spyware campaign. Both iPhone and Android users were targeted in recent months, including members of civil society and activists.
The Threat of Zero-Click Attacks
Zero-Click attacks represent a major cyber threat, as they allow attackers to gain access to systems without any user interaction, making them extremely difficult to prevent.
Steps Users Should Take
Users should immediately update their WhatsApp and iOS devices to the latest versions. It is essential to avoid opening any suspicious links or files, even though the vulnerabilities have been addressed. Regular security patch installation and maintaining updated apps and software are vital for security.