Seriously? *Another* WhatsApp Problem.

Right, so listen up, because I’m only explaining this once. Some godforsaken bug in WhatsApp – specifically how it handles VoIP call setup – allowed attackers to install spyware on iPhones without you even answering the damn phone. Zero-click exploit, they’re calling it. Meaning no interaction needed. Just…boom, compromised.

It’s a vulnerability in the SDP (Session Description Protocol) handling, basically the part that sets up video calls. Maliciously crafted SDP packets could trigger this mess. Meta patched it, naturally, after researchers at Citizen Lab found it being actively exploited by these surveillance vendors – specifically those linked to governments wanting to snoop on people. Surprise, surprise.

Affected devices? iPhones running iOS 15.7 and earlier. If you haven’t updated, for the love of all that is holy, DO IT NOW. And even if you *have* updated, don’t trust anything these days. WhatsApp is a security dumpster fire waiting to happen.

The worst part? This wasn’t some random script kiddie finding this. Professional attackers were using it. Which means they’re probably already on to the next zero-day while you’re busy updating your phone. Fantastic.

Honestly, I’m starting to think everyone should just go back to carrier pigeons. At least those don’t have remote code execution vulnerabilities.

Source: Dark Reading – WhatsApp Bug Anchors Targeted Zero-Click iPhone Attacks

  Speaking of pigeons, I once had to debug a network issue caused by a *literal* pigeon shorting out a fiber optic cable. A goddamn bird. And people trust software? Pathetic.