CyberSecurity

    iPhone users urged to update WhatsApp after silent cyberattack surfaces

    iPhone users are urged to update WhatsApp immediately after a zero-click attack exposes devices to silent malware and spyware risks.
    Memet Deniz Yucekaya
    iPhone-users-cyberattack-whatsapp-1

    A stealthy cyberattack has exposed a major WhatsApp vulnerability, and iPhone users are at risk whether they clicked anything or not.

    iPhone users targeted by zero-click WhatsApp exploit

    iPhone-users-cyberattack-whatsapp-2

    WhatsApp has issued a critical warning after discovering a months-long cyberattack targeting a select group of iPhone users. The breach, revealed on September 1, involves a flaw labeled CVE-2025-55177, which lets attackers process content from arbitrary URLs without requiring any user interaction.

    In short, the malware can infect a device through a message alone. No tap, no click, just received.

    Samsung and SK Hynix lose US waiver on chip gear for China

    Exploit tied to Apple system flaw and WhatsApp vulnerability

    This attack isn’t just WhatsApp’s problem. Security teams believe it also hinges on a related Apple platform vulnerability (CVE-2025-43300). Combined, the two flaws open the door for attackers to access messages, files, and other personal data.

    One of the in-app warnings sent to affected users reads:

    “A malicious message may have been sent to you through WhatsApp and combined with other vulnerabilities in your device’s operating system to compromise your device and the data it contains.”

    The message also notes that the evidence isn’t conclusive but urges caution anyway.

    WhatsApp outlines steps iPhone users should take now

    To secure your device and data, WhatsApp and security experts recommend the following:

    • Update to WhatsApp v2.25.21.73 on iOS
    • Update to WhatsApp v2.25.21.78 on Mac (if applicable)
    • Make sure your iPhone’s iOS is fully updated
    • Perform a full factory reset to eliminate any trace of infection
    • Enable iOS Lockdown Mode for ongoing protection

    Security firm Bitdefender emphasized that this is a zero-click attack, meaning you could be infected even if you didn’t engage with the message.

    Amnesty researcher highlights scale of threat

    Donncha Ó Cearbhaill of Amnesty International confirmed the seriousness of the bug in a series of posts, calling it “extremely sophisticated.” Because it exploits system-level weaknesses and requires no interaction, it’s far more dangerous than typical phishing attempts.

    More threats loom for iPhone users and beyond

    The incident adds to a growing list of cybercrime reports. The FBI recently warned that hacking group Scattered Spider has shifted its focus to the airline industry, using impersonation and social engineering to breach secure systems.

    The stakes are only rising, and iPhone users may now be the first line of defense in a new era of zero-click threats.

    No comments yet Write the First Comment
    ×

    Your comment has been submitted,
    it will be published after approval.

    Write a Comment