Skip to main content

Tag: whatsapp

49 articles

Laptop and smartphone sit on a minimalist desk in soft daylight.

OpenClaw Flaws Expose Hosts to Code Execution via WhatsApp

Three newly patched flaws in the OpenClaw personal AI assistant could let hackers execute code on your device via WhatsApp, putting sensitive data like SSH keys, AWS credentials, and GPG secrets at risk. This alarming vulnerability was addressed in OpenClaw version 2026.6.6.

Analyst 207
Government building in India with a subtle hint of a device screen in the foreground.

India Warns WhatsApp Over Username Rollout Citing Security Risks

India's Ministry of Electronics and Information Technology has warned WhatsApp to halt its global rollout of a new usernames feature, citing security risks, and given the Meta-owned platform just three days to respond. The move has sparked concerns over regulatory action and the protection of user data.

Analyst 207
Smartphone screen showing WhatsApp settings with a username field.

WhatsApp Introduces Usernames to Enhance User Privacy

WhatsApp is rolling out a new feature that lets you reserve a unique username, giving you more control over your privacy and allowing you to keep your phone number hidden. This move is all about putting you in the driver's seat, letting you choose how you connect with others on the platform.

Analyst 207
Government official's workspace with blurred smartphone screen on desk surrounded by papers.

US Offers Bounty for Hackers Targeting WhatsApp, Signal Users

The US government is cracking down on hackers targeting WhatsApp and Signal users, offering up to $10 million for information that helps track down those behind the attacks. The move aims to take down Russian-linked hacker groups that have been phishing US officials, military leaders, and allied personnel.

Analyst 207
Smartphone with Signal app open on screen in a public setting.

FBI Warns of Russian Hackers Targeting Signal with Recovery Key Phishing

Beware of scammers posing as Signal support - the FBI and CISA warn that Russian hackers are using recovery key phishing to target users, so treat any in-app message from Signal support with extreme caution. Stay safe by being vigilant about unexpected messages.

Analyst 207
Smartphone with WhatsApp conversation on screen sits on cluttered desk near open file folder, with cityscape in background.

WhatsApp Targeted in VBScript Campaign Installing ManageEngine RMM Tool

Malicious actors are using WhatsApp to trick victims into downloading and executing a Visual Basic Script (VBScript) file, disguised as a business or financial document, which ultimately installs a legitimate Remote Monitoring and Management (RMM) tool. The campaign has been detected in multiple countries worldwide, with Malaysia being the hardest hit.

Analyst 207
Smartphone on cluttered desk with WhatsApp conversation on screen, surrounded by papers and office supplies, with cityscape…

WhatsApp VBScript Campaign Targets Global Users with RMM Software

Malicious actors are targeting WhatsApp users worldwide with a sneaky VBScript campaign, compromising accounts to spread harmful files through direct messages. In a shocking concentration of attacks, 80% of victims were in Malaysia, highlighting the need for users to stay vigilant.

Analyst 207
Smartphone on a plain surface with subtle screen reflection in natural light.

NSO Group Defies Court Order, Continues Targeting WhatsApp Users

Despite a court order blocking it from doing so, NSO Group continues to target WhatsApp users, defying the ruling and putting users at risk. The company is fighting to overturn the order, claiming it will suffer harm if it's forced to comply.

Analyst 207
Smartphone on a cluttered desk shows a blurred malicious link on its screen.

WhatsApp Disrupts NSO Group's Spearphishing Campaign

WhatsApp has successfully shut down a sneaky phishing campaign by notorious spyware firm NSO Group, which tried to trick users into clicking malicious links to spy on them. The messaging giant is now asking a US court to hold NSO Group accountable for violating a ban on targeting users.

Analyst 207
Person holding smartphone with blank screen, surrounded by blurred cityscape and subtle hint of phishing attempt on nearby…

Meta Alleges NSO Group Breaches Spyware Injunction

Meta just took a bold stand against NSO Group, the notorious spyware maker, by ramping up legal action after thwarting a sneaky phishing campaign aimed at WhatsApp users. The tech giant successfully blocked NSO-linked attempts to trick people into clicking malicious links, despite a US court injunction already in place.

Analyst 207
Smartphone displaying WhatsApp conversation with suspicious link on a clean, minimalist surface.

WhatsApp Disrupts NSO Group's Spyware Phishing Campaigns

Meta's WhatsApp team swiftly sprang into action, disrupting a sophisticated spyware phishing campaign linked to the NSO Group after investigating user reports of targeted social-engineering attacks. They successfully stopped the attackers' attempts to trick people into clicking malicious links that could have put their data at risk.

Analyst 207
Smartphone with blank screen on a neutral table in a quiet room.

Meta Accuses NSO Group of Breaching WhatsApp Injunction

Meta is taking a stand against NSO Group, accusing the Israeli spyware vendor of breaching a WhatsApp injunction by targeting users with social engineering attempts. The company claims it successfully thwarted these malicious efforts, but is now asking a federal judge to hold NSO Group in contempt.

Analyst 207
Busy office scene with people in background, laptop in foreground displaying signs of malware breach.

TCLBanker Malware Spreads Rapidly via WhatsApp, Outlook

Beware of a rapidly spreading malware, TCLBanker, that's infecting 59 major banking, fintech, and cryptocurrency platforms through sneaky WhatsApp and Outlook attacks. This sneaky trojan uses a fake Logitech AI Prompt Builder installer to wreak havoc on your digital security.

Analyst 207
UK Warns of Targeted Attacks on WhatsApp and Signal Accounts

UK Warns of Targeted Attacks on WhatsApp and Signal Accounts

The UK's cybersecurity agency has issued a warning about hackers targeting WhatsApp and Signal accounts, specifically using social engineering tactics to gain access to private conversations. To stay safe, "high-risk" individuals can take steps to protect themselves from these types of cyber-attacks.

Analyst 207
WhatsApp Exposes Italian Users to Spyware via Fake iOS App

WhatsApp Exposes Italian Users to Spyware via Fake iOS App

WhatsApp has alerted around 200 users, mostly in Italy, about a sneaky spyware attack that hit them after they downloaded a fake version of the app for iOS. This alarming incident raises a crucial question: how can you trust that the app on your phone is genuine?

Analyst 207
Smartphone lies on shattered Windows desktop screen amidst binary code fragments, surrounded by a vulnerable cityscape at…

Microsoft Flags WhatsApp-Delivered VBS Malware Bypassing Windows UAC

Beware of WhatsApp attachments from familiar numbers - they might be malicious VBS files designed to quietly hijack your Windows system. A sneaky new campaign uses decades-old scripting language to bypass Windows UAC and give attackers remote access.

Analyst 207
WhatsApp Abused in Critical Multi-Stage Attack Warns Microsoft

WhatsApp Abused in Critical Multi-Stage Attack Warns Microsoft

Beware: a simple WhatsApp message can be the gateway for hackers to take control of your entire corporate network, as Microsoft warns of a new multi-stage social-engineering campaign exploiting the popular messaging app's security vulnerabilities. Stay vigilant - your harmless "ping" could be the weakest link in your security chain!

Analyst 207
CISA: Exclusive Critical Spyware Threat to Signal, WhatsApp

CISA: Exclusive Critical Spyware Threat to Signal, WhatsApp

CISA warns that commercial spyware and remote‑access trojans are being used to compromise Signal and WhatsApp—often via social engineering and sideloaded apps—turning everyday messaging into a gateway for stolen messages, media and device data.

Analyst 207
WhatsApp Malware Exclusive: Brazil Banks’ Worst Threat

WhatsApp Malware Exclusive: Brazil Banks’ Worst Threat

Imagine the app you use to call your mother being used to rob her bank — thats Brazils new reality as researchers link a WhatsApp-spread program called Maverick to the Coyote banking malware family. Built in .NET to decrypt, monitor and inject into banking sessions, this WhatsApp-delivered threat marks a worrying leap in scale and sophistication against Brazilian users and banks.

Analyst 207
WhatsApp Web automation: Risky Must-Have Threat

WhatsApp Web automation: Risky Must-Have Threat

What looked like handy WhatsApp Web productivity add-ons were actually 131 cloned Chrome extensions hijacked to blast spam across Brazil, reaching about 20,900 users before takedown. Socket’s investigation is a wake-up call—check extension reputations, limit permissions, and treat browser add-ons with the same caution you’d give any app that touches your messages.

Analyst 207
Chat Control: Stunning German Win vs Risky EU Plan

Chat Control: Stunning German Win vs Risky EU Plan

Germany has put the brakes on the EU’s controversial “Chat Control” device‑scanning plan, turning a behind‑closed‑doors tech debate into a public showdown over encryption, privacy and how far governments should go to fight child abuse. Its opposition could stall client‑side scanning and forces Brussels to choose whether to prioritize citizens’ privacy or new surveillance powers.

Analyst 207
Oracle zero-day: Must-Have Urgent Fix for Best Defense

Oracle zero-day: Must-Have Urgent Fix for Best Defense

This week’s cyber roundup proves attackers still love the path of least resistance: a critical Oracle zero-day, BitLocker deployment gaps that erode encryption guarantees, and a fast‑spreading WhatsApp “worm” that rode on trust. The takeaway? Patch, audit key management, and treat people and processes as the front lines of defense.

Analyst 207
Android zero-day Critical Emergency: Must-Have Fix

Android zero-day Critical Emergency: Must-Have Fix

Samsung just pushed an emergency patch for a critical Android zero‑day that’s been actively exploited — install it now to stop attackers from reading messages, using your mic, or tracking your device. Even after updating, enable automatic updates and avoid installing apps from untrusted sources to stay safer.

Analyst 207
WhatsApp zero-day: Critical Risk, Must-Have Fixes

WhatsApp zero-day: Critical Risk, Must-Have Fixes

This week’s wake‑up call — a WhatsApp zero‑day, a Docker escape bug, and reported Salesforce access — shows how small misconfigurations and stolen credentials chain together into big breaches. Patch promptly, enable MFA, and tighten container and identity hygiene before attackers stitch those gaps into a compromise.

Analyst 207