WhatsApp Fixes Zero-Click Spyware Exploit Targeting Apple iPhone and Mac Users
Sep 1, 2025
What’s the Threat?
On August 29, 2025, WhatsApp urgently patched a dangerous “zero-click” vulnerability—known as CVE-2025-55177—affecting its apps on iOS and macOS. This flaw was being exploited in the wild to stealthily infect Apple devices with spyware, requiring no user interaction.
Security researchers on WhatsApp’s internal team discovered that the bug stemmed from insufficient authorization checks in the linked-device synchronization feature, allowing an attacker to trigger arbitrary URL processing on the target device.
How It Worked
This zero-click bug was used in tandem with an Apple OS vulnerability—CVE-2025-43300—to deliver spyware to specific targeted users. The campaign, described by Apple as “extremely sophisticated”, enabled attackers to infiltrate devices without the victims ever clicking a link or opening a file.
What’s Been Done
WhatsApp released an emergency patch for:
WhatsApp for iOS (versions before 2.25.21.73)
WhatsApp Business for iOS (versions before 2.25.21.78)
WhatsApp for Mac (versions before 2.25.21.78)
Apple had already addressed the related OS-level flaw (CVE-2025-43300) just a week prior.
Users are strongly advised to promptly update both WhatsApp and their Apple devices to the latest versions.
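For teams managing many devices, the fixed versions above can be checked against an app inventory. The following is an added example, not code from WhatsApp or the original article; the inventory rows and their (device, product, version) layout are constructed, and the product names are used as lookup keys only for illustration.

```python
# Added example: flag WhatsApp installs older than the fixed builds listed above.
# Versions must be compared numerically per component: as plain strings,
# "2.25.9.80" sorts after "2.25.21.73" and an outdated build would look patched.
FIXED = {
    "WhatsApp for iOS": "2.25.21.73",
    "WhatsApp Business for iOS": "2.25.21.78",
    "WhatsApp for Mac": "2.25.21.78",
}

def parse_version(text):
    """Turn '2.25.21.73' into (2, 25, 21, 73); raise ValueError otherwise."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def is_older(installed, fixed):
    """True if `installed` is strictly below `fixed`, padding short versions with 0."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def audit(inventory):
    """Return (device, product, version, status) for rows that need attention."""
    findings = []
    for device, product, version in inventory:
        fixed = FIXED.get(product)
        if fixed is None:
            continue  # not one of the affected products
        try:
            status = "UPDATE" if is_older(version, fixed) else "ok"
        except ValueError:
            status = "UNKNOWN"  # unparseable version: review by hand
        if status != "ok":
            findings.append((device, product, version, status))
    return findings

SAMPLE_INVENTORY = [  # constructed rows, hypothetical device names
    ("iphone-01", "WhatsApp for iOS", "2.25.21.73"),
    ("iphone-02", "WhatsApp for iOS", "2.25.9.80"),
    ("iphone-03", "WhatsApp Business for iOS", "2.25.21.73"),
    ("mac-01", "WhatsApp for Mac", "2.25.21.78"),
    ("mac-02", "WhatsApp for Mac", "unknown"),
    ("iphone-04", "Other Messenger", "7.0"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE_INVENTORY):
        print(*row, sep="\t")
```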
Why It Matters
Zero-click exploits are among the most insidious threats in mobile security, as they bypass all traditional user-based defenses like cautious clicking and antivirus scanning. Affected users may not notice anything was amiss—until it’s too late.
Context & Precedents
This incident is the latest in a troubling trend:
In 2019, the Pegasus spyware notably exploited WhatsApp itself via a zero-click vulnerability, triggering widespread alarm and legal action.
Operation Triangulation in 2023 showcased how complex and unnoticed iOS attacks can become, leveraging multiple zero-day flaws to infiltrate devices without detection.
These attacks highlight how state-of-the-art espionage tools continue to outpace current mobile defenses.
What Should You Do?
Update WhatsApp (iOS and macOS versions mentioned above).
Apply Apple’s latest security updates.
Be especially vigilant if you suspect you could be a “targeted user,” such as journalists, activists, or individuals under surveillance.
Summary Table
Component | CVE / Versions Affected | Action Taken |
---|---|---|
WhatsApp (iOS & Mac) | CVE-2025-55177 (zero-click bug) | Emergency patch by WhatsApp Security Team |
Apple OS | CVE-2025-43300 | Patched in OS updates last week |
This incident underscores the importance of staying current on updates and the urgent need for more secure architecture in messaging platforms.