WhatsApp iOS and Mac security update for CVE-2025-55177
Security Patch Release
Summary
Hide ▲
Show ▼
WhatsApp released security updates for WhatsApp for iOS, WhatsApp Business for iOS, and WhatsApp for Mac after CVE-2025-55177 was linked to possible in-the-wild exploitation in targeted attacks. The patched flaw was an insufficient authorization issue in linked-device synchronization messages that could let an unrelated user trigger processing of content from an arbitrary URL on a target device. The affected builds were patched on July 28, 2025 and August 4, 2025, and the issue may have been chained with CVE-2025-43300 in a zero-click attack.
Related Happenings
Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)
Security Patch Release
First: 22.04.2026 23:58
Last: 22.04.2026 23:58
Sources 1
About this happening:
**Apple** released **out-of-band security updates** for **iPhone and iPad** on **April 22, 2026** to fix **CVE-2026-28950**. The patch addresses a **Notification Services** flaw t...
Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)
Security Patch ReleaseAbout this happening: **Apple** released **out-of-band security updates** for **iPhone and iPad** on **April 22, 2026** to fix **CVE-2026-28950**. The patch addresses a **Notification Services** flaw t...
Latest development: 23.04.2026 11:50
Apple issued **iOS 26.4.2**, **iPadOS 26.4.2**, **iOS 18.7.8**, and **iPadOS 18.7.8** on **2026-04-23** to close **CVE-2026-28950**, which could preserve deleted-message notifications on affected devices.
TP-Link security patch release for CVE-2025-15517
Security Patch Release
First: 25.03.2026 13:11
Last: 25.03.2026 13:11
Sources 1
About this happening:
**TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...
TP-Link security patch release for CVE-2025-15517
Security Patch ReleaseAbout this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/Mitigation
First: 20.03.2026 07:16
Last: 20.03.2026 07:16
Sources 1
About this happening:
**Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/MitigationAbout this happening: **Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
Apple Background Security Improvements WebKit patch (CVE-2026-20643)
Security Patch Release
First: 18.03.2026 03:06
Last: 18.03.2026 03:06
Sources 1
About this happening:
Apple's **first Background Security Improvements** release patches **CVE-2026-20643** in **WebKit**, letting **iPhones, iPads, and Macs** get a security fix **without a full OS up...
Apple Background Security Improvements WebKit patch (CVE-2026-20643)
Security Patch ReleaseAbout this happening: Apple's **first Background Security Improvements** release patches **CVE-2026-20643** in **WebKit**, letting **iPhones, iPads, and Macs** get a security fix **without a full OS up...
Apple security patch release for CVE-2023-43010
Security Patch Release
First: 12.03.2026 11:58
Last: 12.03.2026 11:58
Sources 1
About this happening:
**Apple** backported **Coruna-linked WebKit fixes** to **older iOS and iPadOS devices**, reducing exposure on legacy hardware that cannot move to the latest release. The update ex...
Apple security patch release for CVE-2023-43010
Security Patch ReleaseAbout this happening: **Apple** backported **Coruna-linked WebKit fixes** to **older iOS and iPadOS devices**, reducing exposure on legacy hardware that cannot move to the latest release. The update ex...
Timeline
-
30.08.2025 07:36 2 articles · 9mo ago
WhatsApp patches CVE-2025-55177 in WhatsApp for iOS
Mitigation Patch UpdateWhatsApp patched CVE-2025-55177 in WhatsApp for iOS prior to version 2.25.21.73, closing an insufficient-authorization flaw in linked-device synchronization messages that could let an unrelated user trigger processing of content from an arbitrary URL on a target's device.
Show sources
- WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices — thehackernews.com — 30.08.2025 07:36
- WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices — thehackernews.com — 30.08.2025 07:36
-
30.08.2025 07:36 1 articles · 9mo ago
WhatsApp patches CVE-2025-55177 in WhatsApp Business for iOS and WhatsApp for Mac
Mitigation Patch UpdateWhatsApp patched CVE-2025-55177 in WhatsApp Business for iOS version 2.25.21.78 and WhatsApp for Mac version 2.25.21.78, addressing the same linked-device synchronization flaw after assessing that it may have been chained with CVE-2025-43300 in a sophisticated zero-click attack against specific targeted users.
Show sources
- WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices — thehackernews.com — 30.08.2025 07:36
-
30.08.2025 07:36 1 articles · 9mo ago
WhatsApp notifies fewer than 200 users of possible spyware targeting
Initial DisclosureWhatsApp sent in-app threat notifications to fewer than 200 users who may have been targeted in a campaign using CVE-2025-55177 and advised a full device factory reset plus keeping the operating system and WhatsApp up to date.
Show sources
- WhatsApp Patches Zero-Click Exploit Targeting iOS and macOS Devices — thehackernews.com — 30.08.2025 07:36