Particle.news
Download on the App Store
3 ARTICLES
·
3mo ago

Samsung Confirms Active Exploitation of WhatsApp Zero-Click Flaw as Urgent Updates Roll Out

Immediate installation of app and system patches is urged due to uneven rollout across devices.

Overview

  • Meta confirmed a high-risk zero-click vulnerability in WhatsApp that can install spyware via crafted images or URLs processed in the background.
  • Samsung reports the exploit is being used in the wild against many Galaxy phones on Android 13 or newer, enabling potential remote access by attackers.
  • Apple and Meta released fixes for iOS, iPadOS, macOS and WhatsApp tied to CVE-2025-55177 and CVE-2025-43300, and Samsung cites CVE-2025-21043 for Android exposure, with the flaw linked to a shared image-processing library.
  • Devices at risk include WhatsApp for iOS before 2.25.21.73, WhatsApp Business for iOS before 2.25.21.78, WhatsApp for Mac before 2.25.21.78, iOS before 18.6.2, and macOS before 15.6.1.
  • Updates are available in the App Store and Google Play, but distribution is staggered, so users should manually check for updates and enable automatic updates.