WhatsApp iPhone, Mac Users Face Zero-Click Cyber Attack
A major cyber attack has once again come to light in the digital security landscape, with iPhone and Mac users of WhatsApp being the primary targets. WhatsApp’s security team has uncovered a dangerous vulnerability that hackers exploited with precision. The attack involved a “zero-click” technique, which does not require any action from the user, yet opens a critical security gap in their devices. What makes this attack particularly alarming is that members of civil society were among the main targets of this spyware operation.
What is this cyber attack?
According to WhatsApp’s security team, the incident involved a serious flaw (CVE-2025-55177) linked to insufficient authorization in linked device synchronization messages. Exploiting this flaw, hackers were able to process malicious content through their compromised URLs on targeted devices. Importantly, this vulnerability was present in older versions of WhatsApp for both iOS and MacOS, leaving users of outdated versions completely exposed.
Additionally, Apple’s platform was found to have another major weakness (CVE-2025-43300) in the ImageIO framework. This flaw caused memory corruption when processing malicious images, which could compromise the entire device.
Together, these vulnerabilities enabled a highly sophisticated, advanced, zero-click spyware technique, leaving users with no indication that their devices were being hacked.
Who was targeted and how?
A report by Amnesty International’s Security Lab revealed that nearly 200 individuals worldwide were targeted in this campaign. Most of the victims were civil society members, human rights activists, journalists, and social advocates. This indicates that the attack was not an ordinary hacking attempt but a covert spyware operation orchestrated by a powerful and organized entity.
Donncha Ó Cearbhaill, Head of Amnesty’s Security Lab, confirmed that WhatsApp has directly notified those believed to have been affected in the past 90 days. He highlighted that the defining feature of this attack was the absence of any need for users to click a link or open a message, making this zero-click method exceptionally dangerous.
Response from WhatsApp and Apple
Recognising the severity of the situation, WhatsApp and Apple immediately activated their security teams and released patches and updates in July and August 2025 for affected versions. WhatsApp declared all versions prior to 2.25.21.73 on iOS and 2.25.21.78 on Mac as unsafe. It also advised affected users to perform a complete factory reset of their devices and to keep both their operating systems and apps updated at all times.
Apple, on its part, patched the ImageIO framework vulnerability and issued secure updates to protect devices. Both companies emphasised their commitment to safeguarding users and ensuring faster detection of such flaws in the future.
Essential safety measures
Experts from WhatsApp and Apple have advised users to take the following precautions to protect themselves from similar cyber attacks:
- Update iPhones, Macs, and WhatsApp to the latest versions immediately.
- iPhone users should enable Lockdown Mode, which restricts unnecessary network connections and potential threats.
- Android users are advised to enable Google’s Advanced Protection Mode for added security.
- Avoid clicking on unknown or suspicious links, especially those received from unverified sources.
- Regularly review security settings and remain vigilant for unusual activity.
- If suspicious behaviour is detected on a device, seek professional assistance or perform a factory reset without delay.
A new challenge in cyber security
This incident underscores the persistent risks to smartphone security, especially when linked to social media and messaging apps like WhatsApp. The ability to conduct surveillance without any user interaction highlights the growing severity of digital threats. It also confirms that cyber spyware campaigns continue to target civil society members, journalists, and human rights defenders, making prevention a formidable challenge.
While WhatsApp and Apple’s quick response and updates offer some relief, it is clear that personal responsibility remains central to digital safety.
Conclusion
This incident serves as a crucial warning for WhatsApp and Apple users: neglecting security can have serious consequences. Keeping devices and apps updated, using advanced security features like Lockdown Mode, and staying alert to suspicious activity are essential. Ultimately, protecting personal privacy and safety in the digital space is each individual’s responsibility, as cyber threats have become increasingly complex and dangerous.
Following this attack, WhatsApp and Apple’s security teams have issued alerts urging all users to prioritise device security and remain vigilant against potential spyware intrusions.
Also Read
