CERT-In Warns WhatsApp Users of 'GhostPairing' Exploit: Account Takeover Risk

• CERT-In issued a high-severity advisory on "GhostPairing," a critical WhatsApp vulnerability.
• The exploit allows attackers to take complete control of a WhatsApp account without password, OTP, or SIM swap.
• Attackers use social engineering with fake verification pages to trick users into linking their device via pairing code or QR code.
• The "ghost" nature means no "New Login" alert, allowing silent monitoring and impersonation for extended periods.
• Protect yourself by auditing linked devices, enabling Two-Step Verification, and avoiding external pairing sites.

Why It Matters: WhatsApp users face a silent account takeover risk from "GhostPairing"; enable 2SV and audit linked devices.