Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

WhatsApp 0-Click Vulnerability Exploited in the Wild

A critical zero-click vulnerability in WhatsApp has been actively exploited by threat actors, raising significant concerns about user security and privacy. This vulnerability allows attackers to compromise devices without any interaction from the victim, making it particularly dangerous and difficult to detect. The flaw affects multiple versions of WhatsApp across various platforms, emphasizing the need for immediate updates and patches. Cybersecurity experts have identified the exploitation campaigns linked to sophisticated attack groups leveraging this vulnerability to deploy spyware and malware, targeting high-profile individuals and organizations. Users are strongly advised to update their WhatsApp applications to the latest version and remain vigilant against suspicious activities. This incident underscores the importance of continuous security assessments and proactive measures in protecting communication channels from advanced persistent threats. The cybersecurity community continues to monitor the situation closely, providing timely advisories and mitigation strategies to safeguard users worldwide.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 29 Sep 2025 11:00:17 +0000

Cyber News related to WhatsApp 0-Click Vulnerability Exploited in the Wild

WhatsApp flaw can let attackers run malicious code on Windows PCs - On January 31, after mitigating the security issue server-side, WhatsApp alerted roughly 90 Android users from over two dozen countries, including Italian journalists and activists who were targeted in Paragon spyware attacks using the zero-click ...
5 months ago Bleepingcomputer.com CVE-2025-30401

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users - Meta filed the lawsuit against NSO Group on October 29, 2019, in the U.S. District Court for the Northern District of California, alleging that NSO had exploited a vulnerability in WhatsApp's calling feature to deliver its Pegasus spyware to ...
4 months ago Bleepingcomputer.com CVE-2019-3568

WhatsApp's new Advanced Chat Privacy protects sensitive messages - "Today we're introducing our latest layer for privacy called 'Advanced Chat Privacy.' This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp ...
5 months ago Bleepingcomputer.com

WhatsApp Hit with €55 Million Fine for Privacy Violations - WhatsApp is facing an €55 million privacy-related fine from the European Union’s data protection authority for allegedly violating the region's data protection laws. ...
2 years ago Thehackernews.com

WhatsApp's Meta AI is now rolling out in Europe, and it can't be turned off - The chatbot built into WhatsApp is not as powerful as Meta AI's web app, but it can answer your questions, reply with a large chunk of text, share links from Bing, and even create images. On March 19, WhatsApp owner Meta announced that a variety ...
6 months ago Bleepingcomputer.com

US Jury Orders NSO Group to Pay $168 Million to WhatsApp - Meta hailed the verdict as a milestone for digital privacy and security, stating, “Today’s verdict in the WhatsApp case marks a significant advancement for privacy and security, representing the first triumph against the creation and utilization ...
4 months ago Cybersecuritynews.com

WhatsApp's new Secret Code feature hides your locked chats - WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom password. After it reaches your device, you can set a code specifically for securing locked chats independent from the device unlock ...
1 year ago Bleepingcomputer.com

WhatsApp Vulnerability Let Attackers Execute Malicious Code Via Attachments - “A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp,” stated the official advisory from Facebook, ...
5 months ago Cybersecuritynews.com CVE-2025-30401

WhatsApp Fined €5.5 Million for Enforcing Data Processing Update - Heimdal Security recently reported that WhatsApp, the world’s most popular messaging service, has been fined €5.5 million by the Italian Data Protection Authority (GPDR) for violating user privacy. According to the report, the WhatsApp ...
2 years ago Heimdalsecurity.com

WhatsApp Secret Code Feature Lets Users Set Unique Passwords - WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret Code feature provides additional protection to ensure users' private conversations remain secure and protected from unauthorized access. WhatsApp has ...
1 year ago Cybersecuritynews.com

WhatsApp Chats Will Soon Work With Other Encrypted Messaging Apps - Despite WhatsApp working on its interoperability plan for more than a year, it will still take some time for third-party chats to hit people's apps. Messaging companies that want to interoperate with WhatsApp or Messenger will need to sign an ...
1 year ago Wired.com

WhatsApp Beta Testing Expanded Authentication Methods for App Lock Feature - In a world where privacy and security are increasingly important, WhatsApp continues to prioritize the protection of user data through encrypted messaging. Recently, the app has been testing a new label to highlight chat encryption, further ...
1 year ago Cysecurity.news

Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets - Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. The investigation confirmed ...
6 months ago Cybersecuritynews.com

Jury orders NSO Group to pay $168 million to WhatsApp for facilitating Pegasus hacks of its users | The Record from Recorded Future News - NSO’s case was severely hampered by its inability to offer the court any details of its clients' aims in the attacks, prompting Northern California federal judge Phyllis Hamilton to bar the spyware firm from presenting any evidence related to ...
4 months ago Therecord.media

Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
1 year ago Securityaffairs.com CVE-2024-23222 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109

New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2019-3568 - A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android ...
6 months ago

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks - 42% of businesses report employees with BYOD devices in business settings that use tools like WhatsApp have led to new security incidents, according to SafeGuard Cyber. Messaging platforms like WhatsApp, Telegram, Slack, and Teams face constant ...
1 year ago Helpnetsecurity.com

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

WhatsApp patches zero-day zero-click vulnerability exploited in the wild - WhatsApp has released a critical security update to patch a zero-day vulnerability that allowed zero-click exploitation, posing significant risks to users worldwide. This vulnerability was actively exploited by threat actors to compromise devices ...
1 month ago Infosecurity-magazine.com CVE-2023-XXXX

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

WhatsApp 0-Click Vulnerability Exploited in the Wild - A critical zero-click vulnerability in WhatsApp has been actively exploited by threat actors, raising significant concerns about user security and privacy. This vulnerability allows attackers to compromise devices without any interaction from the ...
4 days ago Cybersecuritynews.com CVE-2023-XXXX Unknown threat actors

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com

Warning: Trying to access array offset on value of type null in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 385

WhatsApp bug exploited in zero-click iPhone attacks - A critical vulnerability in WhatsApp has been exploited in zero-click attacks targeting iPhones, raising significant concerns about mobile security. This flaw allows attackers to compromise devices without any interaction from the user, highlighting ...
1 month ago Darkreading.com CVE-2023-XXXX Unknown sophisticated threat actor group

CVE-2021-24042 - The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop ...
3 years ago

CVE-2018-6350 - An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android prior to 2.18.276, WhatsApp Business for Android prior to 2.18.99, WhatsApp for iOS prior to 2.18.100.6, ...
6 years ago

Italian Data Protection Authority Fines WhatsApp €5.5 Million - The Italian Data Protection Authority (DPA) has fined WhatsApp €5.5 million as a result of violations of the European Union’s General Data Protection Regulation (GDPR). ...
2 years ago Securityaffairs.com