All news with #whatsapp tag

131 Chrome Extensions Hijack WhatsApp Web for Spam

🔍 Cybersecurity researchers uncovered a coordinated operation that used 131 rebranded Chrome extensions—about 20,905 active users—to inject automation code into WhatsApp Web and conduct large-scale spam campaigns targeting Brazilian users. Socket found the add-ons share a common codebase, design patterns, and infrastructure and are primarily published under WL Extensão variants. The extensions pose a high spam risk by automating bulk outreach and scheduling to evade WhatsApp rate limits and violate Chrome Web Store policies.

WhatsApp-Based Self-Spreading Malware Hits Brazil Nationwide

⚠️ Trend Micro has uncovered a self-propagating malware campaign named SORVEPOTEL that primarily targets Brazilian Windows users via WhatsApp. The attack is delivered through convincing phishing messages with malicious ZIP attachments that contain LNK shortcuts which trigger PowerShell to download a batch payload. The payload establishes persistence by copying itself to the Windows Startup folder and contacts a command-and-control server, and if WhatsApp Web is active the malware automatically forwards the infected ZIP to contacts and groups, causing rapid spread and frequent account bans. Researchers report no evidence of data exfiltration or file encryption so far.

WhatsApp phishing: fake vote pages hijack accounts

🔒 Kaspersky analyzed a global phishing campaign that uses convincing fake voting pages to hijack WhatsApp accounts. Attackers lure victims with personalized requests and multilingual scam pages; when users click Vote they’re prompted for the phone number linked to their account and shown a single‑use verification code. Victims who then enter or paste that code in their WhatsApp app inadvertently activate a remote WhatsApp Web session, giving attackers full access. Immediately check Linked devices, disconnect unknown sessions, and follow Kaspersky’s recovery and prevention guidance.

Threat Modeling Your Digital Life Under Authoritarianism

🔒 The article argues that personal threat modeling must adapt as governments increasingly combine their extensive administrative records with corporate surveillance data. It details what kinds of government-held data exist, how firms augment those records, and the distinct dangers of targeted versus mass surveillance. Practical mitigations are discussed—encryption, scrubbing accounts, burner devices—and the piece stresses that every defensive choice is a trade-off tied to individual goals.

WhatsApp Adds Message Translation to iPhone and Android

🌐 WhatsApp has begun rolling out a new message translation feature for Android and iPhone that translates messages in chats, groups, and channel updates. On iOS, users can translate individual messages via long-press and tapping 'Translate', while Android users can also enable automatic translation to convert all messages in a thread. Initial language support differs by platform and the rollout will be gradual.

Whistleblower Lawsuit Alleges WhatsApp Security Failures

🛡️ Attaullah Baig, former head of security at WhatsApp, has filed a whistleblower lawsuit alleging that Facebook knowingly failed to fix multiple security flaws in breach of its 2019 settlement with the FTC. The complaint asserts that in 2022 roughly 100,000 accounts were compromised daily, rising to as many as 400,000 daily lockouts by last year, and that inadequate anti-scraping protections exposed profile data at scale. Baig invokes the whistleblower-protection provisions of the Sarbanes-Oxley Act, and the filing has prompted wider media coverage and potential regulatory scrutiny.

Samsung patches actively exploited zero-day in image codec

🔒 Samsung has released a patch for a critical remote code execution vulnerability tracked as CVE-2025-21043 that was actively exploited on Android devices. Reported by Meta and WhatsApp security teams on August 13, the flaw stems from an out-of-bounds write in libimagecodec.quram.so, a closed-source Quramsoft image parser, and affects devices running Android 13 and later. Samsung’s advisory notes an exploit was observed in the wild and that other messaging apps using the vulnerable library could also be at risk; users should apply the September SMR update promptly.

CISA Adds TP-Link and WhatsApp Vulnerabilities to KEV

🔒 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a high‑severity flaw in TP‑Link TL‑WA855RE Wi‑Fi range extenders (CVE‑2020‑24363, CVSS 8.8) to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The missing authentication issue lets an unauthenticated attacker on the same network submit a TDDP_RESET request to factory‑reset the device and set a new administrative password. CISA also added a WhatsApp vulnerability (CVE‑2025‑55177, CVSS 5.4) that was chained with an Apple platform flaw in a targeted spyware campaign; federal agencies must apply mitigations by September 23, 2025.

WhatsApp Patches Zero-Click Zero-Day Exploit in iOS

🔒 WhatsApp has patched a critical zero-day (CVE-2025-55177) affecting linked-device synchronization that could allow processing of content from an arbitrary URL on a target device. The vendor says the flaw, when combined with an Apple OS-level out-of-bounds write (CVE-2025-43300), may have been exploited in a targeted, sophisticated zero-click attack. Apple patched the related OS issue on August 20. Users should apply the updated WhatsApp and WhatsApp Business iOS and Mac clients immediately.

WhatsApp Emergency Update Fixes Zero-Click iOS/macOS Bug

🔒 WhatsApp has issued emergency updates for iOS and macOS to fix CVE-2025-55177, a high-severity authorization flaw that may have been exploited alongside an Apple ImageIO zero-day (CVE-2025-43300). The bug could allow processing of content from an arbitrary URL on a target device and affects specific iOS, Business iOS, and Mac app versions. Users are urged to update immediately; confirmed targets were advised to perform a full factory reset.

WhatsApp patches iOS and macOS zero-day vulnerability

🔒 WhatsApp has patched a zero-click vulnerability (CVE-2025-55177) impacting WhatsApp for iOS prior to 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78. The flaw involved incomplete authorization of linked-device synchronization messages that could trigger processing of content from an arbitrary URL on a target device. WhatsApp said the bug may have been chained with an Apple OS-level zero-day (CVE-2025-43300) and exploited in targeted, sophisticated attacks. Potentially impacted users have been urged to perform a factory reset and keep their operating systems and apps up to date.