WhatsApp Reveals Bug that Enabled Targeted Attacks on Apple Users

In a recent update, WhatsApp revealed that it had patched a security bug in its iOS and Mac clients that enabled attacks against "specific targeted" Apple users. The bug, tracked as CVE-2025-55177, was used to deliver advanced spyware that targeted individuals working for charities, NGOs, or as journalists, according to Donncha Ó Cearbhaill, Head of Security Lab at AmnestyTech.

The campaign is thought to have been going on since the end of May, with attackers combining the WhatsApp bug with a separate Apple OS-level flaw to force content from an "arbitrary URL" to be rendered on a target's device. Because it was a "zero-click" hack, users did not need to click a link or perform any action for the attack to succeed.

WhatsApp's announcement comes after Apple said last month that it had released emergency updates for a separate OS-level flaw, CVE-2025-43300, which it said had been exploited in an "extremely sophisticated attack." Ó Cearbhaill notes that the hack campaign used both bugs, which highlights the exposure of WhatsApp users.

The Meta-owned messaging app has begun notifying users it believes may have been impacted by the hack. However, while it says it has made changes to prevent this specific attack from occurring again via WhatsApp, the devices of targeted users could remain compromised by the malware or "be targeted in other ways."

Amnesty's cyber expert recommends that users who feel they may have been affected complete a full device factory reset, keep their devices updated to the latest version of the operating system, and ensure that their WhatsApp app is up to date.

The Scope of the Attack

AmnestyTech has reported that individuals working for charities, NGOs, or as journalists were specifically targeted by the campaign. These include people who may have been using public Wi-Fi networks without proper security measures in place.

The Implications and Consequences

The implications of this attack are significant, with potential consequences for users' personal data and national security. Governments have been accused of using sophisticated spyware to spy on NGO workers and journalists via WhatsApp in recent months. In June, Italy axed its contracts with Israeli spyware firm Paragon, after an investigation alleged its software had been used to spy on Italian journalists and migrant charity workers via WhatsApp.

However, these claims have so far been denied by the Italian government. The fact that governments are using WhatsApp for espionage highlights the need for greater transparency and accountability in the use of digital technologies.

The Response from WhatsApp

WhatsApp has not named a possible culprit behind the attack but has taken steps to prevent this specific attack from occurring again via WhatsApp. However, it is crucial that users remain vigilant and take proactive measures to protect their devices and data.

"Users should keep their devices updated to the latest version of the operating system, ensure that their WhatsApp app is up to date, and complete a full device factory reset if they believe they may have been affected," says Ó Cearbhaill. "We urge users to be cautious when using public Wi-Fi networks without proper security measures in place."