WhatsApp has revealed that it recently identified and blocked a sophisticated cyberespionage campaign that exploited vulnerabilities in its platform and Apple devices, targeting specific users worldwide.
The Vulnerability
In a statement, the Meta-owned company explained that incomplete authorization of linked device synchronization messages in older versions of WhatsApp for iOS, WhatsApp Business, and WhatsApp for Mac allowed attackers to trigger the processing of content from malicious URLs on victims’ devices.
The flaw affected:
- WhatsApp for iOS (before v2.25.21.73)
- WhatsApp Business for iOS (before v2.25.21.78)
- WhatsApp for Mac (before v2.25.21.78)
The company said it has patched the vulnerabilities but warned that attackers combined the flaw with an Apple operating system-level bug (CVE-2025-43300) to carry out highly targeted surveillance.
Scope of the Attack
While WhatsApp did not share the exact scale, a Reuters report said around 200 users worldwide may have been compromised. The victims reportedly include members of civil society organisations, journalists, and activists.
Amnesty International’s Warning
Amnesty International’s Security Lab confirmed that civil society groups appear to be among those affected. Donncha Ó Cearbhaill, head of the lab, urged anyone who received WhatsApp’s threat notification to seek expert help.
“Early indications are that this spyware attack has impacted both iPhone and Android users. Government spyware continues to threaten journalists and human rights defenders,” he wrote on X.
He advised users to update their devices immediately and enable enhanced security measures such as iOS Lockdown Mode or Android’s Advanced Protection Mode to mitigate risks.
Company’s Assurance
WhatsApp said it had already fixed the loopholes and is notifying individuals believed to have been targeted in the past 90 days. The company reiterated its commitment to strengthening protections against spyware and surveillance tools.
Source: TOI