What would it take for an attacker to make your device fetch and process their content without you touching a thing, and what happens when that pull lands on a second flaw deeper in the operating system, turning a seemingly medium-severity bug into a zero-click compromise, with real victims, on current hardware, right now, in the wild, against people who do not tap anything, do not open anything, and still get owned, quietly, completely, and fast?
WhatsApp to ImageIO zero-click exploit chain
What would it take for an attacker to make your device fetch and process their content without you touching a thing, and what happens when that pull lands on a second flaw deeper in the operating system, turning a seemingly medium-severity bug into a zero-click compromise, with real victims, on current hardware, right now, in the wild, against people who do not tap anything, do not open anything, and still get owned, quietly, completely, and fast?