Apple iPhone users who have WhatsApp installed on their devices are urged to update the app immediately after a huge security bug was patched that allowed attackers to steal data from iPhone units owned by targeted individuals. The warning came from WhatsApp, which is owned by Meta. In its August security advisory, WhatsApp listed two vulnerabilities that, when combined, could have led to serious problems for iPhone users.
A combination of software flaws could allow attackers to steal personal data from iPhone units
WhatsApp's monthly advisory includes a warning about CVE-2025-55177: "Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users."
Screenshot of the WhatsApp up for iOS. | Image credit-PhoneArena
The last sentence is concerning since it indicates that the flaws might have been capitalized on by attackers. The flaw can be exploited through malware and spyware sent to the victim as part of a link that looks harmless. Amnesty International's Donncha Ó Cearbhaill said in a series of posts on "X" that this is an "advanced spyware campaign" that has been targeting iPhones since May. Ó Cearbhaill described the combination of the two CVEs as a "zero-click" attack; such attacks do not need the device user to have any interaction with his or her phone to set off the attack.
The tweets from Ó Cearbhaill note that once the attack is set off, it will "compromise your device and the data it contains, including messages." The group that is behind the attack is unknown at the moment. Despite WhatsApp's warning that the messaging app's vulnerabilities have been limited to iOS and macOS, there are some indications that Android devices night also be included.
Apple iPhone users are not going to like this, but iPhone users are being told by WhatsApp and Meta to perform a full factory reset to eliminate any malware. In addition, you should have the latest version of iOS installed on your iPhone, along with the most up-to-date version of WhatsApp, which can be found in the App Store by clicking on this link. You want to update to version v2.25.21.73 or higher.
Will you factory reset your iPhone as suggested?
No way.
75%
To protect my personal data, I will perform a factiry reset.
25%
I haven't decided yet.
0%
If you want to protect your Android device from this attack, you can install the latest version of the app by heading over to the Play Store and installing the latest version of the app. You can do that by tapping on this link.
Recommended Stories
Ó Cearbhaill also suggests that iPhone users enable iOS Lockdown Mode or Android's Advanced Protection Mode to help protect against attacks. Meanwhile, Meta spokesperson Margarita Franklin says that the flaw was patched just "a few weeks ago," and that less than 200 notifications were sent out to WhatsApp users affected by the flaw.
If you received this notification from WhatsApp, your phone might have been compromised
These notifications said, "Our investigation indicates that a malicious message may have been sent to you through WhatsApp and combined with other vulnerabilities in your device’s operating system to compromise your device and the data it contains, including messages. While we don’t know with certainty that your device has been compromised, we want to let you know out of an abundance of caution so you can take steps to secure your device and information."
When WhatsApp sends you an alert, you should listen. Earlier this year, WhatsApp was able to breakup a spyware campaign that targeted 90 users including journalists and members of Italy's civil society.
Good news everyone! Over the past year we've been working on an exciting passion project of ours and we're thrilled to announce it will be ready to release in just a few short months.
"Iconic Phones: Revolution at Your Fingertips" is a must-have coffee table book for every tech-head that will bring you on a journey to relive the greatest technological revolution of the 21st century. For more details, simply follow the link below!
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
![Verizon is down across the US, and no one knows when service will be back [UPDATED]](https://m-cdn.phonearena.com/images/article/173671-wide-two_350/Verizon-is-down-across-the-US-and-no-one-knows-when-service-will-be-back-UPDATED.webp)
![Some T-Mobile users need to restart their phones [UPDATED]](https://m-cdn.phonearena.com/images/article/173654-wide-two_350/Some-T-Mobile-users-need-to-restart-their-phones-UPDATED.webp)
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: