A new zero-click vulnerability, CVE-2025-55177, has been uncovered in WhatsApp. This flaw allows attackers to deploy spyware on Apple devices without any user interaction. Security researchers recently discovered that cybercriminals have already exploited this vulnerability in targeted attacks, raising serious concerns for iPhone users worldwide.
How the Exploit Works
The exploit leverages a zero-click method, meaning that victims do not need to click any link or take any action for the malware to infect their device. Attackers only need the target’s WhatsApp number to initiate the attack. Once exploited, the spyware can access sensitive information on the device, monitor communications, and even activate cameras or microphones.
Protecting Your Device
WhatsApp and Apple users should prioritize installing security updates as soon as they become available. Experts recommend regularly updating both your operating system and WhatsApp application to minimize risk. The discovery of CVE-2025-55177 highlights the increasing sophistication of mobile spyware and the importance of vigilance in digital communication.
Sources:
SOCRadar – CVE-2025-55177 Zero-Click WhatsApp Exploit
