Particle.news
Download on the App Store
4 ARTICLES
·
last wk.

WhatsApp Zero-Click Flaw on Apple Devices Prompts Spyware Alerts as Patches Land

Updates are available, with security teams urging immediate installation to block a confirmed vulnerability chain.

Image
Image

Overview

  • Researchers and outlets detail CVE-2025-55177 in WhatsApp’s linked-device sync that enables zero-click spyware delivery to iPhones, iPads and Macs.
  • CVE-2025-43300 in Apple’s Image I/O can be chained with the WhatsApp bug via crafted URLs or manipulated images to take full control of devices.
  • Meta says it addressed the app-side issue with end-of-August releases; Apple closed the image-processing flaw in recent OS updates.
  • Minimum safe versions cited: WhatsApp for iOS 2.25.21.73, WhatsApp Business for iOS 2.25.21.78, WhatsApp for Mac 2.25.21.78, iOS 18.6.2, and macOS 15.6.1.
  • Amnesty’s Security Lab reports some users received warnings about malicious messages, and advises updating immediately and factory-resetting devices if compromise is suspected.