WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks.
The company says this zero-click flaw (tracked as CVE-2025-55177) affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78.
“Incomplete authorization of linked device synchronization messages in WhatsApp [..] could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device,” WhatsApp said in a Friday security advisory.
Apparently this affects the Mac, and you can read the full article titled WhatsApp patches vulnerability exploited in zero-day attacks if this interests you. CVE numbers are all here including any others I’ve missed.
I am not going to take this apart for now, I’ll let people do their own research.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.