WhatsApp users should immediately update to latest version of this popular software connectivity tool

https://www.pcmag.com/news/368338/this-whatsapp-flaw-helped-send-spyware-with-a-voice-call

https://www.us-cert.gov/ncas/current-activity/2019/05/14/Facebook-Releases-Security-Advisory-WhatsApp

https://www.facebook.com/security/advisories/cve-2019-3568

WhatsApp had a scary flaw that secretly sent spyware to smartphones simply by calling the victim. On Monday, the Facebook-owned messaging service disclosed the vulnerability, which affects iOS and Android, after it was used to attack a number of victims, a WhatsApp spokesperson told PCMag. “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date,” the spokesperson said in an email.

According to WhatsApp, the attacks have all the hallmarks of a private company that works with governments to deliver spyware to mobile phones. Although it refrained from naming the company, WhatsApp is probably referring to NSO Group, an Israeli technology firm notorious for developing a spyware program known as Pegasus, which has targeted human rights activists, politicians, and journalists. The WhatsApp vulnerability allegedly allowed NSO Group to send spyware to the victims even when didn’t answer a voice call on the app, according to The Financial Times, which was first to report the news.

US-CERT: Facebook has released a security advisory to address a vulnerability in WhatsApp. A remote attacker could exploit this vulnerability to take control of an affected device.  The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the Facebook Security Advisory for CVE-2019-3568 and upgrade to the appropriate version.