Why Compliance Alone Won’t Stop a...
Compliance with recognised cyber security standards is an important part of managing risk, but it should not be mistaken for...
Read MoreWhatsApp, owned by Meta, revealed that a critical vulnerability (CVE 2025 55177) was being exploited in tandem with a separate Apple operating system flaw (CVE 2025 43300) to deploy spyware onto iPhones and Macs via WhatsApp without any user action.
This attack, described by Apple as “extremely sophisticated,” appears to have targeted fewer than 200 users, likely including civil society members. Notification has already been sent to those affected.
A “zero click” vulnerability is particularly dangerous because no user interaction is needed. Hackers can deliver malware silently, bypassing awareness or warning. Even if this attack was limited in scope, the technique itself shows how quickly such flaws can be exploited.
Meta has patched the flaw, but updating is essential.
Although this latest attack has been aimed at a small number of individuals, the technique shows how easily trusted channels like WhatsApp can be exploited. Many businesses rely on these platforms for everyday communication. A compromised device can quickly become an entry point for wider cyberattacks, data loss, or fraud.
At AJC, we help organisations close these gaps by combining cyber security and fraud prevention expertise. Our services include:
Attacks like this highlight how blurred the line has become between personal and business risk. With AJC, you can ensure your people and your organisation are equipped to withstand the next sophisticated attack.
Contact us on 020 7101 4861 or email us at info@ajollyconsulting.co.uk if you think we can help.
image accreditation: Wikimedia commons. Last accessed on 2nd September 2025. Available here.
Compliance with recognised cyber security standards is an important part of managing risk, but it should not be mistaken for...
Read MoreSecurity updates are only effective if organisations can confirm they have been applied. This article looks at what the latest...
Read MoreA recent Dashlane security incident has raised important questions about password managers, master passwords and authentication controls. This article looks...
Read More