Details have emerged from Meta's encrypted communications app WhatsApp on recent vulnerabilities that appear to have been used to deploy spyware from an unnamed government, without user interaction.
WhatsApp posted a security advisory for the vulnerability, tracked asCVE-2025-55177
, saying it was used in combination with a flaw in Apple's image input/output handling framework in the company's iOS mobile operation system to target specific users.
On its part, Apple issued a patch in iOS and iPadOS 18.6.2 forCVE-2025-43300
, which fixed memory corruption that could occur when processing malicious images, on August 20 United States time.