Meta reports a security flaw in WhatsApp for Windows that lets attackers trick users into downloading and installing harmful malicious code.
If you are using WhatsApp for Windows, then you need to be cautious. Meta has warned that a security vulnerability could trick unwary users into downloading and installing malware. The vulnerability, a spoofing one, tracked under ID CVE-2025-30401, allows threat actors and cyberattackers to disguise harmful malicious code in the form of harmless attachment files.
Normally, if you receive an attachment, WhatsApp identifies it by its MIME (Multipurpose Internet Mail Extensions) type (for example, a file could be identified as an image, document, or video based on its actual content). However, when you manually open the attachment, WhatsApp uses the file’s extension, like .
