WhatsApp fixes bug that secretly hacks data from Apple devices

Meta-owned messaging app WhatsApp has announced a fix for the ‘zero-click bug’ in its iOS and Mac apps.

This security bug was being used to secretly hack data from Apple devices of ‘specifically targeted users’.

According to a security advisory issued by WhatsApp, ‘WhatsApp has fixed bug CVE-2025-55177. This flaw in the app was used to hack data from Apple devices of specifically targeted users’.

What is zero-click bug?

Under the zero-click bug, hackers secretly take over the user’s devices without any action from the user and steal their data. In the case of WhatsApp, hackers targeted dozens of specific WhatsApp users by exploiting the flaws in the app through the zero-click bug.

The attack was described as an ‘advanced spyware campaign’ by Donncha Ó Cearbhaill, head of Amnesty International’s security lab, on Twitter.

The head of Amnesty International’s security lab had said in his post that during the last 3 months, dozens of users were secretly targeted through the zero-click bug, meaning that the hackers did not communicate with the users for hacking, nor did they persuade them to open any link or download a file to steal their data. However, no information was shared about the hackers in the post.

Now, Meta spokesperson Margareta Franklin has confirmed that the company has fixed the flaw after discovering it ‘a few weeks ago,’ and that the company also sent a formal notification to the fewer than 200 affected WhatsApp users.