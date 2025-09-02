ADVERTISEMENT
India’s cybersecurity watchdog, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity alert over a newly discovered vulnerability in WhatsApp. The flaw, disclosed on August 31, 2025, affects versions of the messaging app on iOS and Mac, and could potentially allow attackers to bypass authorization controls and gain access to sensitive user information.
According to CERT-In, the vulnerability has been identified in WhatsApp for iOS versions prior to 2.25.21.73, WhatsApp Business for iOS versions prior to 2.25.21.78, and WhatsApp for Mac versions prior to 2.25.21.78.
The agency has urged users of these platforms to update to the latest available versions immediately to safeguard their data.
The vulnerability arises from improper authorization handling in linked device synchronization messages, a feature that allows users to connect their WhatsApp accounts across devices. CERT-In warns that attackers could exploit this flaw to trigger the processing of content from an arbitrary URL on a victim’s device. This could lead to unauthorized access and disclosure of private information such as messages, media, or account details.
In some instances, CERT-In noted, the flaw has been observed working in tandem with an OS-level weakness on Apple platforms, making the exploit particularly dangerous in sophisticated, targeted cyberattacks.
Such chaining of vulnerabilities is often associated with advanced threat actors who target individuals or organizations of high value.
With over two billion users worldwide, WhatsApp has become one of the most widely used messaging platforms, especially valued for its end-to-end encryption that protects communications from prying eyes. However, vulnerabilities of this nature can undermine that trust by exposing users to risks of surveillance, data theft, or identity compromise.
CERT-In has strongly advised all users running the affected versions of WhatsApp on iOS and Mac to immediately update to the patched versions available on the App Store and official channels.
For individuals handling sensitive personal or professional data—such as journalists, policymakers, and executives—the advisory serves as an urgent reminder of the importance of timely software updates and cautious digital hygiene.