A few days ago, Apple fixed a vulnerability on iOS and macOS that “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” Now, new details have emerged, and it appears that the hacking campaign also leveraged a now-fixed WhatsApp flaw to target its victims. Here are the details.
Meta warns dozens of potentially affected users
As reported by TechCrunch, Meta has confirmed that it fixed a WhatsApp flaw (CVE-2025-55177) that, when used in combination with the flaw that Apple recently fixed on iOS and macOS (CVE-2025-43300), could “allow an attacker to deliver a malicious exploit” and steal user data.
The report came after Donncha Ó Cearbhaill, Head of Security Lab at Amnesty International posted on X about Meta contacting users who may have been targeted by the flaw.
🚨 BREAKING: New zero-click exploit used to hack WhatsApp users.
WhatsApp has just sent out a round of threat notifications to individuals they believe where targeted by an advanced spyware campaign in past 90 days.
Seek out expert help if you have received this alert pic.twitter.com/i4cHLsiNOr — Donncha Ó Cearbhaill (@DonnchaC) August 29, 2025
Meta’s advisory reads:
... continue reading