GOLD/FOREX
DUBAI 33°C
PRAYER TIMES
TECHNOLOGY
TECHNOLOGY

All iPhone users urged to update WhatsApp now after ‘extremely sophisticated’ cyberattack

Users urged to enable iOS Lockdown or Android Advanced Protection for added security

Last updated:
Lekshmy Pavithran, Assistant Online Editor
2 MIN READ
‘Extremely sophisticated’ WhatsApp attack prompts urgent iPhone update
‘Extremely sophisticated’ WhatsApp attack prompts urgent iPhone update
Shutterstock

WhatsApp has confirmed it has fixed a serious security flaw in its iOS and Mac apps, following an advanced spyware campaign that targeted dozens of users over a three-month period. Experts have described the attack as “extremely sophisticated,” prompting urgent warnings for iPhone users to update immediately.

Zero-click bug compromised devices

The vulnerability, dubbed CVE-2025-55177, is a “zero-click” flaw, meaning victims did not need to interact with any link for their devices to be compromised, explained Donncha Ó Cearbhaill, head of Amnesty International’s Security Lab. Attackers could access messages and other sensitive data without any user action.

How the attack worked

WhatsApp’s advisory notes that the bug, combined with an OS-level flaw on Apple devices (CVE-2025-43300), allowed attackers to trigger processing of content from arbitrary URLs. In simpler terms, malware or spyware could be delivered under the guise of harmless-looking links.

Ó Cearbhaill added that early indications show both iPhone and Android users were affected, including civil society individuals. The attackers remain unidentified.

Warnings and precautions

Meta sent personalised warnings to potentially affected users, advising them to update WhatsApp and iOS to the latest versions or perform a full factory reset if needed. Recommended updates include v2.25.21.73 for iOS and v2.25.21.78 for Mac.

Users were also advised to enable iOS Lockdown Mode or Android’s Advanced Protection Mode for extra security.

Scope and implications

The campaign highlights the growing sophistication of cyber threats. While initially thought to affect only iOS and macOS, evidence suggests Android devices may also be at risk. The incident underscores the critical importance of prompt updates and protective measures to safeguard personal data.

WhatsApp introduces new safety feature

WhatsApp is rolling out a feature to protect users from group chat scams that could target bank accounts. It applies to anyone invited to a group chat by someone they might not know.

How the new safety overview works

The app will display a “safety overview” before users can view messages. It includes:

  • Group creation date, inviter, and member count

  • Scam warnings and tips to limit group invitations

  • Options to exit the group immediately or view the chat for more information

This builds on the context card feature introduced last year but adds an interstitial warning for unfamiliar invites.

WhatsApp’s broader anti-scam initiatives

According to The Sun, WhatsApp’s new safety overviews are part of its ongoing efforts to tackle scams. In June, the platform, in partnership with Meta and OpenAI, shut down a criminal scam operation in Cambodia that used AI to lure victims into fraudulent WhatsApp groups.

Related Topics:
WhatsAppiPhone

Sign up for the Daily Briefing

Get the latest news and updates straight to your inbox

Up Next

Related Stories

Left: Sarrah Khilawala from Sharjah, a mum of two, and right: Sumit Augustine, a public relations professional with her son.

UAE mums talk: Are parent WhatsApp groups stressful?

7m read
TDRA explained that if a user receives a message suspected to be fraudulent, they should visit the TDRA website to verify its authenticity.

New AI-powered 'digital fraud hunter' to combat scams

3m read
WhatsApp has rolled out new safety features, including alerts when users are added to unknown group chats.

New features unveiled as WhatsApp shuts 7m accounts

2m read
WhatsApp: Get the group talking live with Voice Chats

WhatsApp: Get the group talking live with Voice Chats

2m read