WhatsApp fixes security flaw that may have been exploited by cyberspies

 


WhatsApp has warned that hackers may have exploited a security flaw in its apps for Apple devices to launch a targeted spyware campaign.

The flaw, tracked as CVE-2025-55177, affects certain versions of WhatsApp for iOS and macOS. It could have allowed attackers to deliver malicious code via hidden links inside regular-looking messages. According to WhatsApp, the issue was linked to weak authorization checks in how messages were synced between devices.

The affected versions include WhatsApp for iOS before v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78.

The company believes that the flaw may have been used in tandem with an Apple vulnerability (CVE-2025-43300) to target specific users. That Apple flaw affects the ImageIO framework and allows attackers to run malicious code when a user opens an image in WhatsApp.

In April, WhatsApp patched both vulnerabilities and a related spoofing issue that made harmful files appear as safe documents like images or PDFs. WhatsApp says it has not found evidence of widespread exploitation but recommends that all users update to the latest version to minimize the risk.
