Here’s how to avert the WhatsAppocalypse.
WhatsApp is warning iPhone users to update the messaging service as soon as possible amid an insidious, precision cyberattack against specific individuals.
“We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users,” the advisory reads.
Dubbed CVE-2025-55177, this digital flaw could have “allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device,” per the advisory.
In layperson’s terms, the attacker can send the user malware or spyware under the guise of a harmless-looking link, Bitedefender reported. Donncha Ó Cearbhaill from Amnesty International warned in a series of X posts that the vulnerability is a “zero-click” bug, meaning the victim doesn’t have to interact with the link to be infected, unlike most malware scams.
The bad actors, who have yet to be identified, then “compromise your device and the data it contains, including messages,” per the PSA.
The advanced spyware campaign targeted dozens of users over a three-month period, he warned.
And while the WhatsApp warning claims that only iOS and macOS are impacted, Ó Cearbhaill says “early indications are that the WhatsApp attack is impacting both iPhone and Android users, civil society individuals among them.”
Ó Cearbhaill also uploaded screenshots of the ominous warnings that the Meta-owned company sent to the individuals potentially under threat of the digital Trojan horse.
“Our investigation indicates that a malicious message may have been sent to you through WhatsApp and combined with other vulnerabilities in your device’s operating system to compromise your device and the data it contains, including messages,” it reads. “While we don’t know with certainty that your device has been compromised, we want to let you know out of an abundance of caution so you can take steps to secure your device and information.”
They added that although they’d made changes to stave off the attack, the individuals’ operating systems could be compromised by malware, therefore necessitating some precautions.
The prescribed precautions, per the customized warning, included undergoing a “full factory reset” and ensuring that both WhatsApp and one’s IOS is up to date.
That means upgrading to at least v2.25.21.73 for IOS and v2.25.21.78 for Mac, the techsperts at bitedefender suggested.
Meanwhile, Ó Cearbhaill advised enabling “iOS Lockdown Mode or Android‘s Advanced Protection Mode to help protect against attacks.”
This new threat comes amid a veritable onslaught of cybercrimes.
The FBI recently warned that a clandestine crew of international cyberhackers known as “Scattered Spider” — which had been linked to data breaches at insurance giant Aflac, along with several UK retailers — had now set its sights on the friendly skies.
“The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector,” the agency said. “These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.”
