Meta, the parent company of Facebook, just dropped a serious warning about a vulnerability in WhatsApp for Windows that could put users at risk of various cyber attacks, including ransomware. The spoofing issue is tracked as CVE-2025-30401 and affects versions before 2.2450.6. Basically, affected versions show an attachment based on its MIME type but open it according to its actual file extension. So, if someone maliciously sets a mismatched MIME type, you might think you’re opening a harmless .jpeg, but it could actually be a .exe file loaded with malware.
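The mismatch described above can be caught by comparing the declared MIME type with the extension Windows will actually act on. The following is an added example, not WhatsApp's code or Meta's fix; the function names, the MIME allow-list, the executable-extension list and the sample attachments are all assumptions constructed for illustration.

```python
import ntpath

# Extensions Windows runs or interprets on open (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi",
                   ".ps1", ".vbs", ".js", ".lnk"}

# Constructed allow-list: extensions consistent with each declared MIME type.
MIME_EXTS = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
    "application/pdf": {".pdf"},
}


def effective_extension(filename):
    """Extension the Windows shell acts on: the last one, lower-cased,
    after dropping the trailing dots and spaces that Windows ignores."""
    name = ntpath.basename(filename).rstrip(". ")
    return ntpath.splitext(name)[1].lower()


def check_attachment(declared_mime, filename):
    """Compare what the UI would show (MIME type) with what opens (extension)."""
    mime = declared_mime.split(";")[0].strip().lower()
    ext = effective_extension(filename)
    allowed = MIME_EXTS.get(mime)
    if allowed is not None and ext in allowed:
        return "consistent"
    if ext in EXECUTABLE_EXTS:
        return "block"          # executable extension not vouched for by the declared type
    if allowed is None:
        return "unknown-type"   # MIME type not in the allow-list
    return "mismatch"           # known type, wrong but non-executable extension


# Constructed sample attachments: (declared MIME type, filename).
SAMPLES = [
    ("image/jpeg", "holiday.jpg"),
    ("image/jpeg", "photo.jpeg.exe"),
    ("Image/JPEG", "scan.exe. "),
    ("image/png", "chart.jpg"),
]

if __name__ == "__main__":
    for mime, name in SAMPLES:
        print(f"{check_attachment(mime, name):<12} {mime:<12} {name!r}")
```

A mail or file gateway could apply the same comparison to attachment metadata before delivery and quarantine anything that returns `block`.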
This warning comes after Revolut reported that WhatsApp was the source of one in five scams in the UK last year, and those scams skyrocketed by 67% from June to December. Cyber criminals are drawn to Meta’s platforms because they have huge user bases who often don’t prioritize personal security.
Adam Pilton from CyberSmart highlighted the danger, saying that most users are in WhatsApp groups where sharing images is the norm. If a hacker slips a malicious image into your group chat, anyone who opens it could unknowingly trigger harmful code.
Martin Kraemer from KnowBe4 emphasized how vital WhatsApp has become in our daily lives, from scheduling appointments to sharing job applications. It operates in the background of both our personal and professional lives, leading to a level of trust that attackers exploit. He stressed that users need to take this vulnerability seriously and should update their software immediately.
In the meantime, caution is key—Kraemer advises treating WhatsApp like email: don’t open unexpected files, especially from new contacts. The good news is that fixing this issue is straightforward: just update WhatsApp. Pilton noted that while cyber criminals will always look for vulnerabilities, software developers will keep releasing updates to safeguard users. This cycle of vulnerability management emphasizes why keeping software updated is crucial.