WhatsApp Bug Anchors Targeted Zero-Click iPhone Attacks
Summary
Attackers exploited a WhatsApp vulnerability (CVE-2025-55177, CVSS 5.4) in a zero-click campaign against specific Apple users that likely delivered spyware. The WhatsApp flaw allowed processing of content from arbitrary URLs on a target device and was used in combination with an Apple OS out-of-bounds write zero-day (CVE-2025-43300), which Apple patched in August. Meta issued in-app threat notifications to fewer than 200 users and US authorities urged federal staff to update devices immediately. WhatsApp and Apple have released fixes; affected users should update apps and OSes and high-risk individuals may need a factory reset.
Key Points
- The WhatsApp vulnerability CVE-2025-55177 (affects iOS WhatsApp prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78) could trigger processing of content from an arbitrary URL on a target device.
- Attackers chained this flaw with an Apple OS-level zero-day (CVE-2025-43300, out-of-bounds write) to perform zero-click exploits that may install spyware.
- Meta sent standard in-app threat notifications to under 200 users worldwide; reports suggest targets include journalists, activists and public figures.
- Amnesty International indicates Android users may also have been targeted and is investigating the incidents.
- CISA and vendors advise immediate application updates; federal users should follow vendor mitigations and directives such as BOD 22-01.
- High-risk individuals (journalists, activists, public figures) may need to factory reset devices to ensure compromise removal.
Context and Relevance
This episode fits a pattern of highly targeted mobile cyber‑espionage (Pegasus-era campaigns) that use zero-click vectors to compromise devices without user interaction. It underscores how attackers chain app and OS weaknesses to reach specific targets and why rapid patching, vendor coordination and strong device hygiene remain critical defences for both organisations and high-risk individuals.
Why should I read this
If you use WhatsApp on an iPhone — update now. Seriously. The piece explains how attackers can hit you without you tapping anything and why some people need to go beyond a simple update. We’ve read the slog so you don’t have to: update apps and iOS, check vendor advisories, and if you’re in the crosshairs, consider a factory reset.
