WhatsApp has announced the discovery of a hacking attempt that took advantage of vulnerabilities in its application as well as in Apple devices. The company reported that it has resolved the issue and estimates that fewer than 200 individuals globally were impacted.
The company has released an official statement detailing how attackers exploited a vulnerability in WhatsApp, identified as CVE-2025-55177, in conjunction with another flaw in Apple’s operating system, CVE-2025-43300. These vulnerabilities may have enabled hackers to take control of a target’s device by compelling it to process content from a harmful web address.
A report from Reuters indicates that human rights organisation Amnesty International has stated that some of the individuals affected seem to be affiliated with civic organisations. Donncha Ó Cearbhaill, the head of Amnesty’s Security Lab, announced that his team has initiated the collection of forensic data from potential victims, cautioning that users of both iPhone and Android devices are at risk. He further observed that additional applications might have fallen victim to the same campaign.
WhatsApp has acknowledged the efforts of its security team in identifying the issue, describing the attack as highly sophisticated. However, it has affected only a select group of targets.
