WhatsApp Reforms ‘Zero Click’ used to penetrate Apple users with spyware

WhatsApp said on Friday that fixing a safety error in iOS and Mac applications that have been used to surreptitiously penetrate Apple for “specific users”.

The giant of the correspondent applications owned by the description in its security consultant said that it has fixed weakness, known Officially like CVE-2025-55177Which was used side by side Paths like CVE-2025-43300.

Apple said at the time that the defect was used in “a very advanced attack against specific targeted individuals.” Now we know that dozens of WhatsApp users have been targeted with this pair of defects.

Donncha ó CEARBHAILL, who heads the Amnesty International Security Laboratory, described the attack In a post on x As a “advanced spyware campaign” targeting users over the past ninety days, or since the end of May. Cearbhaill described the pair of mistakes as an “click zero” attack, which means that it does not require any reaction from the victim, such as clicking on a link, to settle their devices.

Two bedbugs are allowed together for the attacker to provide harmful exploitation through WhatsApp capable of stealing data from the user’s Apple.

For all Cearbhaill, who posted a copy of the threat notice that WhatsApp sent to affected users, the attack enables the “settlement of your device and the data it contains, including messages.”

It is not immediately clear from, or any spyware seller, behind the attacks.

When TECHRUNCH reached it, Meta Margaita Franklin confirmed that the company discovered and correct the defect “a few weeks ago” and that the company sent “less than 200” signs of the affected WhatsApp users.

The spokesperson did not say, when asked, if the WhatsApp had evidence that the breakthroughs were attributed to a specific striker or a surveillance seller.

This is not the first time that WhatsApp users have been targeted Government spy programsA type of harmful programs that are able to storm the entire corrected devices with unknown weaknesses for the seller, known as Zero day flaws.

In May, an American court ordered Maker Maker NSO Group to pay WhatsApp 167 million dollars as compensation For the 2019 piracy campaign that stormed the devices of more than 1,400 WhatsApp users with an exploitation capable of growing PEGASUS spyware from NSO. WhatsApp It brought the legal issue Against NSO, quoting the violation of federal and state piracy laws, as well as the conditions of its service.

Earlier this year, WhatsApp The spyware campaign disrupted It targeted about 90 users, including journalists and civil society members throughout Italy. Italian government He denied her participation in the espionage campaign. Paragon, which was used to spy programs in the campaign, later Italy cut off its piracy tools For her failure to investigate ill -treatment.

Have you received a notification that your device was at risk? Contact this reporter safely via the ZacKwhittaker.1337 username.