A highly dangerous vulnerability has been discovered in the WhatsApp app on iPhone and Mac devices, allowing hackers to compromise devices without any user interaction, through what is known as a “Zero-click” attack. These attacks were detected by the Security Lab at Amnesty International and specifically targeted a limited number of users, particularly activists and journalists.
What exactly happened?
Hackers exploited two serious vulnerabilities:
- CVE-2025-55177 in WhatsApp
- CVE-2025-43300 in iOS and macOS systems
The attack could be triggered simply by receiving an image on WhatsApp—no need to click or open anything.
Fewer than 200 users received notifications from WhatsApp about being targeted.
Apple described the attack as "highly sophisticated", targeting individuals with extreme precision.
What’s the solution? How can you protect your device?
-- Immediately update your devices to:
- iOS 18.6.2
- macOS Sequoia 15.6.1
- The latest version of WhatsApp
-- Enable Isolation Mode in the security settings on your iPhone or Mac for added protection against similar attacks.
-- Android users are advised to enable Advanced Protection Mode if available.
Final thoughts:
This is not the first time WhatsApp has been used as a vector for advanced spyware attacks. Amnesty International warns that such threats are ongoing and typically target journalists, activists, and other high-risk individuals.
That’s why keeping your device updated and enabling advanced security features is no longer optional—it’s a security necessity.