WhatsApp has said that it uncovered a cyberespionage, or hacking, operation that exploited multiple security vulnerabilities across its platform and Apple devices to conduct targeted surveillance of users, with reportedly civil society activists appearing to be among the primary targets. In a statement issued, the Meta-owned company said that it has plugged the loop holes that hackers used to attack specific users.“Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device,” WhatsApp said in a statement. The Meta-owned messaging service disclosed the security breach in a brief statement, revealing that hackers had discovered and weaponised a chain of vulnerabilities that allowed them to compromise both the WhatsApp application and Apple devices in coordinated attacks.“We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users,” the company added, without revealing much about the cyber attack.However, a report by news agency Reuters said that an estimated 200 users worldwide have potentially been compromised during the espionage campaign.
Amnesty International’s Security Lab says civic organisations may be a target
Donncha O Cearbhaill, who heads Amnesty International’s Security Lab, said that members of civic organisations appear to be among those affected by the surveillance operation. “WhatsApp has just sent out a round of threat notifications to individuals they believe where targeted by an advanced spyware campaign in past 90 days. Seek out expert help if you have received this alert,” he said.“Early indications are that the WhatsApp attack is impacting both iPhone and Android users, civil society individuals among them. Government spyware continues to pose a threat to journalists and human rights defenders,” O Cearbhaill wrote in a post on social media platform X.He noted that the Apple vulnerability was in a core image library, advising people that they should update their devices and enable iOS Lockdown Mode or Android‘s Advanced Protection Mode to help protect against attacks like this.