WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

Threat Score:

GB Hackers

4 hours ago

Part of cluster #2300

Overview

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combined with an OS-level flaw (CVE-2025-43300), has raised alarms the potential compromise of user devices and data, including sensitive messages. Vulnerability Details...

Continue Reading on Original Site

5 articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

Brighttalk • 8 hours ago

Presented by Patrick Whitsell, Security Engineer, Google Threat Intelligence Group and Austin Larsen, Principal Threat Analyst, Google Threat Intelligence Group

Score

TransUnion Data Breach Impacts 4.4 Million

SecurityWeek • 11 hours ago

The credit reporting firm did not name the third-party application involved in the incident, only noting that it was used for its US consumer support operations.

Score

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Cybersecurity News • 6 hours ago

A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now identified as CVE-2025-55177, was combined with a separate vulnerability in Apple’s operating systems to compromise devices and access user data. WhatsApp has since patched the vulnerability and has […]

Score

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

SecurityWeek • 11 hours ago

Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration.

Score

In Other News: Iranian Ships Hacked, Verified Android Developers, AI Used in Attacks

SecurityWeek • 9 hours ago

Noteworthy stories that might have slipped under the radar: communications of dozens of Iranian ships disrupted, only apps from verified developers will run on Android devices, and AI used across multiple phases of malicious attacks.

Score

CVES

CVE-2025-43300

CVE-2025-55177

IP ADDRESSES

2.25.21.73

DOMAINS

days.Seek

ATTACK TYPES

Memory Corruption

Spyware Campaign

Spyware Delivery

Zero-Click Attack

Zero-Click Exploit

INDUSTRIES

Cybersecurity

Education

Technology

VULNERABILITIES

Command Injection

DDoS

DoS

Memory Corruption

Remote Code Execution

COMPANIES

AMD

Adobe

Amazon

Amnesty International

Apple

SECURITY VENDORS

Cloudflare

PLATFORMS

AWS

Android

Apache

Azure

IIS

RANSOMWARE

AnDROid

Zlader

core

MALWARE

Dark

MITRE ATT&CK

T1055

T1069

T1070.001

T1071.001

T1086

IP ADDRESSES

2.25.21.73

DOMAINS

days.Seek

ARTICLE INFORMATION

Article #15636

Published 4 hours ago

GB Hackers

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

TransUnion Data Breach Impacts 4.4 Million

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

In Other News: Iranian Ships Hacked, Verified Android Developers, AI Used in Attacks

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies