Attackers are exploiting WhatsApp's device-linking feature to hijack accounts using a method called GhostPairing. Victims are tricked into linking their accounts to an attacker's browser through fake messages and deceptive login pages, granting the attackers full access to their conversations and media.

An Iranian activist exposed a phishing campaign targeting high-profile users in the Middle East, aiming to steal Gmail and WhatsApp credentials. The hackers used a fake website to capture sensitive information and potentially conduct surveillance on victims. The campaign's timing suggests possible ties to government-backed espionage efforts.