Post

WhatsApp patches vulnerability exploited in zero-day attacks

Posted
By ictsec.pl
1 min read

The company says this zero-click flaw (tracked as CVE-2025-55177) affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78.

While the two companies are yet to publish further information regarding the attacks, Donncha Ó Cearbhaill (the head of the Security Lab at Amnesty International) said that WhatsApp just warned some users that they’ve been targeted in an advanced spyware campaign over the last 90 days.

In March, WhatsApp patched another zero-day flaw—following reports from security researchers at the University of Toronto’s Citizen Lab—that was exploited to install Paragon’s Graphite spyware.

“WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users including journalists and members of civil society. We’ve reached out directly to people who we believe were affected,” a WhatsApp spokesperson told BleepingComputer at the time.

To read the complete article see:

WhatsApp patches vulnerability exploited in zero-day attacks

See also: WhatsApp Security Advisories

SECURITY
WHATSAPP ZERO-DAY VULNERABILITY SECURITY
This post is licensed under CC BY 4.0 by the author.