WhatsApp has confirmed a major cyberattack targeting users through security flaws in both the app and Apple devices. Why are activists and journalists the primary targets?
 |
| A cyberattack exploiting WhatsApp and Apple vulnerabilities has left activists and journalists vulnerable to surveillance. Here's what you need to know to protect yourself. Image: CH |
New York, USA — September 1, 2025:
In a major cyberattack that has raised alarm bells across the globe, WhatsApp confirmed that hackers exploited vulnerabilities in both its messaging app and Apple devices to monitor specific users. While the company has since patched the flaw, early reports suggest that at least 200 users worldwide have been affected. The attack, which has targeted activists and journalists, highlights an increasingly sophisticated level of cyber espionage aimed at monitoring those most vulnerable to surveillance.
WhatsApp identified the flaw in versions of the app prior to iOS version 2.25.21.73 and WhatsApp Business for iOS version 2.25.21.78, as well as WhatsApp for Mac version 2.25.21.78. These versions failed to properly secure device synchronization, allowing hackers to run malicious content on devices via links sent through the app. However, the true extent of the breach is still unclear, as WhatsApp has yet to reveal the identities of those targeted or the attackers' methods.
The breach has been linked to a vulnerability within Apple’s iOS operating system, specifically in the device's main image library, which hackers leveraged to compromise users' data. While Apple has not officially commented on this specific vulnerability, the incident reveals just how interconnected platforms like WhatsApp and Apple devices have become—and how such breaches can threaten user privacy across multiple layers of technology.
Doncha O'Carebile, head of Amnesty International’s security lab, noted that members of civil society organizations, journalists, and other high-risk individuals are likely to have been targeted. These groups, often operating in politically sensitive environments, face heightened risks of digital surveillance, especially from state-backed actors seeking to monitor their communications and activities. O'Carebile stressed that this breach could have serious consequences for their safety and professional work.
The attack underscores a growing problem: government-backed surveillance of journalists, activists, and human rights defenders. These individuals are frequently the target of cyber espionage campaigns designed to silence dissent or uncover sensitive information. The spyware deployed in this attack may allow attackers to not only monitor communications but also track movements and access files, posing significant risks to personal and professional security.
O'Carebile highlighted that both iPhone and Android users were affected, a reminder of the vulnerability of millions of individuals who rely on these platforms for secure communication. In response to the breach, WhatsApp issued alerts to those users believed to have been compromised by advanced spyware. The company has also advised users to seek expert help if they received one of these warnings in the past 90 days.
The increasing use of spyware by governments to monitor journalists, activists, and even ordinary citizens raises serious concerns about privacy and freedom of expression in the digital age. With this latest attack on WhatsApp, the risks are clear: as digital platforms become more entrenched in everyday life, they are also becoming attractive targets for surveillance and cyber espionage. While WhatsApp responded quickly to patch the vulnerability, this breach is a reminder of the ongoing battle between privacy and security in our interconnected world.
O'Carebile also pointed out that state-sponsored spyware poses an even greater threat to those working in high-risk professions, especially those involved in political activism or human rights work. Despite the progress in security technology, these attacks continue to evolve, often outpacing the tools available to defend against them.
Following this cyberattack, it’s crucial for all users to take extra precautions. While WhatsApp has patched the security flaw, both iPhone and Android users should ensure they update their devices to the latest versions. Apple’s iOS lockdown mode and Android’s advanced protection mode offer added layers of security against unauthorized access. These steps are especially critical for individuals working in sensitive fields, where the risks of surveillance can have profound personal and professional consequences.
Furthermore, experts recommend that users avoid clicking on suspicious links, especially those received from unknown or untrusted sources, as these can be a vehicle for malicious content. The breach also serves as a reminder that no digital platform is completely secure—especially when it involves state-sponsored actors or sophisticated cybercriminals.
The attack on WhatsApp raises larger questions about the future of digital privacy. As more people rely on platforms like WhatsApp for both personal and professional communication, the need for stronger security measures becomes even more urgent. For individuals in high-risk professions, the question isn’t just about protecting personal information—it’s about ensuring their safety and freedom in an increasingly hostile digital environment.
This breach is also a call to action for companies and governments to address the evolving cybersecurity threats that continue to undermine digital trust. As technologies advance, so too must the protections that safeguard our privacy and security. The WhatsApp attack highlights how critical it is for users to stay vigilant and informed about potential cyber threats, particularly in a world where digital espionage is on the rise.
This breach is a stark reminder that no one is immune to cyber threats. While WhatsApp's response to patch the flaw is a step in the right direction, the larger issue of surveillance remains a concern. What precautions have you taken to secure your digital communications?