In a startling cybersecurity development, WhatsApp has confirmed the discovery of a sophisticated spyware campaign that exploited a previously unknown flaw in the messaging app. What makes this attack especially alarming is that it required no action from the victim—not even clicking on a suspicious link.
The Exploit: How Hackers Struck
According to reports, the spyware used a “zero-click” vulnerability (CVE-2025-55177) in WhatsApp, paired with a flaw in Apple’s operating system (CVE-2025-43300). By sending malicious data packets, attackers were able to remotely install surveillance software on target devices.
Unlike phishing scams or malware downloads, zero-click exploits give hackers direct entry into devices without any user interaction. Once inside, the spyware could potentially access private chats, calls, files, and location data—posing a severe risk to personal privacy.
Who Was Targeted?
WhatsApp stated that fewer than 200 individuals globally were affected. However, many of those targeted were reportedly activists, journalists, and civil society members, raising concerns of state-sponsored surveillance. Amnesty International’s Security Lab revealed that traces of the spyware were found not only on iPhones and Mac devices, as WhatsApp initially suggested, but also on Android phones, widening the threat scope.
WhatsApp & Apple Respond with Fixes
Following the discovery, WhatsApp quickly issued patched versions—iOS (2.25.21.73) and macOS (2.25.21.78)—to close the loophole. Apple has also released a security update for iOS and macOS to neutralize the exploit.
In addition to rolling out patches, WhatsApp has directly notified affected users. The platform advised anyone experiencing abnormal device behavior to update immediately, and in extreme cases, perform a factory reset to remove spyware traces.
Safety Measures for Users
Cybersecurity experts are recommending several steps for protection:
- Update WhatsApp and iOS/Android devices to the latest versions.
- Enable Lockdown Mode on iPhones or Advanced Protection Mode on Android for stronger defense.
- Watch out for signs like sudden battery drain, overheating, or unexpected data spikes, which may indicate infection.
Growing Threat of Zero-Click Spyware
This incident is the latest reminder of the rising use of zero-click exploits, tools that were once reserved for intelligence agencies but are now appearing in broader surveillance campaigns. Similar spyware, like Pegasus, has previously been linked to the targeting of political figures and activists worldwide.
Experts warn that such attacks represent the future of cyber espionage, where even cautious users cannot rely solely on safe browsing habits. Instead, timely updates and built-in security protections are becoming the most critical defenses.
The Bottom Line
The WhatsApp spyware attack demonstrates how quickly digital vulnerabilities can be weaponized. While the number of confirmed victims remains small, the sophistication of the exploit makes it a wake-up call for all users. Updating devices promptly and using advanced security features is no longer optional—it’s essential.