Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

WhatsApp spyware campaign chaining CVE-2025-55177 and CVE-2025-43300

Campaign
First reported
Last updated
Happening score
H score 56
2 unique sources, 2 articles

Summary

Hide ▲

A targeted spyware campaign hit specific WhatsApp users, increasing the risk of covert device surveillance. The operation chained CVE-2025-55177 in WhatsApp with CVE-2025-43300 in Apple software, making the attack path more effective against high-value devices. The activity was described as extremely sophisticated and focused on a limited cohort rather than broad consumer targeting. The timeframe points to late August to September 2025, and the same exploit chain was later linked to attacks against Samsung Android devices.

Cases

Targeted spyware chain across WhatsApp and Apple Image I/O (2)

Related Happenings

TCLBANKER banking trojan activity targeting 59 financial platforms

Malware Activity
First: 08.05.2026 21:12 Last: 08.05.2026 21:12 Sources 1

About this happening: **TCLBANKER** is a newly documented **Brazilian banking trojan** that can hit **59 banking, fintech, and cryptocurrency platforms**, increasing the risk of credential theft and re...

Open Happening

Bitter Middle East spear-phishing campaign targeting civil society figures

Campaign
First: 09.04.2026 13:45 Last: 09.04.2026 13:45 Sources 1

About this happening: A **spear-phishing campaign** targeted **civil society figures in Middle Eastern countries**, including **three journalists in Egypt and Lebanon**, creating account-compromise ris...

Open Happening

NoVoice Android malware hidden in Google Play apps

Malware Activity
First: 01.04.2026 21:07 Last: 01.04.2026 21:07 Sources 1

About this happening: **NoVoice** Android malware was found hidden in **more than 50 Google Play apps**, exposing **at least 2.3 million downloads** to compromise. After installation, it used **old And...

Open Happening

Operation Triangulation updated iPhone espionage campaign

Campaign
First: 26.03.2026 15:10 Last: 26.03.2026 15:10 Sources 1

About this happening: The **Operation Triangulation** espionage lineage has resurfaced through **Coruna**, extending **zero-click iPhone** targeting to newer **A17** and **M3** devices and **iOS 17.2**...

Open Happening

Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage

Technical Analysis
First: 26.03.2026 15:10 Last: 26.03.2026 15:10 Sources 1

About this happening: **Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...

Open Happening

Timeline

  1. 16.09.2025 15:16 1 articles · 8mo ago

    Apple patches CVE-2025-43300 on newer iPhone, iPad, and Mac releases

    Mitigation Patch Update

    Apple patched CVE-2025-43300 on August 20, 2025 for iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, and macOS Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8, addressing an Image I/O out-of-bounds write that could let a malicious image file cause memory corruption.

    Show sources
    Open in new tab
  2. 16.09.2025 15:16 3 articles · 8mo ago

    WhatsApp users are warned about a targeted spyware campaign chaining CVE-2025-55177 and CVE-2025-43300

    Initial Disclosure

    Apple backported CVE-2025-43300 fixes to older iPhones and iPads running iOS 15.8.5 / 16.7.12 and iPadOS 15.8.5 / 16.7.12, and WhatsApp users were warned that their devices were targeted in an advanced spyware campaign that chained CVE-2025-55177 with Apple's zero-day against specific targeted individuals.

    Show sources
    Open in new tab