20
Dec
New Delhi, December 20, 2025: India’s cyber security agency CERT-In has issued a high-risk alert over a newly identified vulnerability in WhatsApp’s “device-linking” feature that could allow attackers to gain complete control of user accounts, including access to messages, photos and videos in real time through WhatsApp Web. In an advisory released on Friday, the Indian Computer Emergency Response Team (CERT-In) named the threat “GhostPairing”, warning that cybercriminals are exploiting WhatsApp’s device-linking mechanism to hijack accounts using pairing codes without any authentication safeguards. According to the agency, the attack does not require passwords, SIM swaps or direct access to the…