Top News

Whatsapp and Apple have issued immediate security updates to correct a dangerous zero-click vulnerability used in sophisticated spyware attacks. These flaws, identified as CVE-2025-55177 (WhatsApp) and CVE-2025-43300 (Apple), could hack the iPhone and Mac of the participation of the user without the user, which led to a serious threat to the data secrecy. These updates released in August 2025 solve these serious problems and users are urged to update immediately to stay safe.

This vulnerability of Whatsapp (CVE-2025-55177, CVSS score: 8.0) affected Whatsapp Business for iOS before 2.25.21.73, 2.25.21.78 before IOS and 2.25.21.78. The device stems from an inappropriate authority of synchronization messages, causing the attackers to trigger malicious material from arbitrary URLs. With an out-of-bounds right defect in Apple’s CVE-2025-43300, Imageio Framework (CVSS score: 8.8), this exploitation made the remote code execution facilitated through malicious images, surprising high-profile persons such as workers and journalists.

Apple packed the CVE-2025-43300 on August 20, 2025 along with iOS 18.6.2, iPados 18.6.2, and Macos Sequoia 15.6.1, including others, which improved the boundary check to prevent memory corruption. Whatsapp improved this on 29 August, in which Meta informed less than 200 affected users. The security lab of Amnesty International said that the campaign, active since May 2025, targeted both iOS and Android users, which highlighted the increasing threat of zero-click exploitation associated with spyware vendors such as Paragon Solutions.

To stay safe, immediately update WhatsApp and Apple device to the latest version. Avoid suspected links or files, and instantly install the safety patch to avoid increasing cyber threats.