WhatsApp patches vulnerability exploited in zero-day attacks

Threat Score:

BleepingComputer

7 hours ago

Part of cluster #2300

Overview

WhatsApp patches vulnerability exploited in zero-day attacks Sergiu Gatlan August 29, 2025 12:31 PM 0 WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. The company says thiszero-click flaw(tracked as CVE-2025-55177) affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78. "Incomplete authorization of linked device synchronization messages in Wh...

Continue Reading on Original Site

5 articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

Brighttalk • 8 hours ago

Presented by Patrick Whitsell, Security Engineer, Google Threat Intelligence Group and Austin Larsen, Principal Threat Analyst, Google Threat Intelligence Group

Score

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

GB Hackers • 4 hours ago

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combined with an OS-level flaw (CVE-2025-43300), has raised alarms the potential compromise of user devices and data, including sensitive messages. Vulnerability Details

Score

TransUnion Data Breach Impacts 4.4 Million

SecurityWeek • 11 hours ago

The credit reporting firm did not name the third-party application involved in the incident, only noting that it was used for its US consumer support operations.

Score

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Cybersecurity News • 6 hours ago

A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now identified as CVE-2025-55177, was combined with a separate vulnerability in Apple’s operating systems to compromise devices and access user data. WhatsApp has since patched the vulnerability and has […]

Score

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

SecurityWeek • 11 hours ago

Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration.

Score

CVES

CVE-2025-43300

CVE-2025-55177

IP ADDRESSES

2.25.21.73

ATTACK TYPES

Data Exfiltration

Remote Code Execution

Spyware Campaign

Spyware Delivery

Zero-Click Attack

VULNERABILITIES

Memory Corruption

RCE

Remote Code Execution

Zero-Day

COMPANIES

Amnesty International

Apple

Citrix

Qualcomm

PLATFORMS

Android

Citrix

iOS

macOS

RANSOMWARE

AnDROid

Hacked

MALWARE

Graphite

MITRE ATT&CK

T1055

T1059.007

T1068

T1069

T1070.001

INDUSTRIES

Cybersecurity

Technology

Telecommunications

IP ADDRESSES

2.25.21.73

ARTICLE INFORMATION

Article #15601

Published 7 hours ago

BleepingComputer

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

TransUnion Data Breach Impacts 4.4 Million

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies