Security researchers have identified a JavaScript vulnerability in WhatsApp desktop platform that could allow cybercriminals to spread malware, phishing or ransomware campaigns. The desktop platform has more than 1.5 billion monthly active users. The high-severity bug (rated 8.2 on CVSS severity scale) could impact those that also use WhatsApp for iPhone, if they don t update their desktop and mobile apps, and if they use newer versions of the Chrome browser. Further investigation shows this could be parlayed into remote code-execution.
Source: https://threatpost.com/whatsapp-bug-malicious-code-injection-rce/152578/