Cyber criminals have an evil eye on WhatsApp users.
Highlights
Cyber criminals have an evil eye on WhatsApp users.
WhatsApp has uncovered a cyber espionage or hacking campaign.
The security of around 200 users across the world was compromised during spying.
Cybercriminals are targeting WhatsApp users, as hackers exploited several security flaws in the platform and Apple devices. WhatsApp has uncovered a cyber espionage or hacking campaign that reportedly targeted civil society activists. The Meta-owned company said in a statement that it has fixed the flaws hackers were using to attack specific users. Let's learn more about it.
WhatsApp said in a statement that prior to WhatsApp v2.25.21.73 for iOS, WhatsApp Business v2.25.21.78 for iOS, and WhatsApp v2.25.21.78 for Mac, incomplete authorization of linked device synchronization messages could allow unintentional users to initiate processing of content from their URL on the target device.
WhatsApp , while disclosing the security breach, said that hackers discovered several vulnerabilities and used them to attack WhatsApp, which posed a threat to both the WhatsApp app and Apple devices. Without revealing much about the cyber attack, the company said that we believe this vulnerability, in combination with an operating system-level vulnerability (CVE-2025-43300) on the Apple platform, may have been exploited in an attack against specific users.
The security of around 200 users worldwide was compromised during the spying operation. Amnesty International's Security Lab says that civic organizations may also be at risk. Donncha O Cearbhaill, head of Amnesty International's Security Lab, said that members of civic organizations may also be affected by this surveillance operation. He said that WhatsApp also informed about the threat by sending notifications to those who they believe have been targeted by an advanced spyware campaign in the last 90 days.
According to a post by O'Cerbell on X, early indications are that the WhatsApp attack is affecting both iPhone and Android users, particularly those in the civic community. Apple identified the vulnerability in a core image library, and advised users to keep their devices updated and enable iOS's Lockdown Mode or Android's Advanced Protection Mode to protect against such attacks.
