Unencrypted WhatsApp Chats Found on Apple macOS and iOS Devices

Researchers disclosed that WhatsApp on iOS and macOS places core decrypted SQLite chat databases and message history in a shared Apple App Group container in plaintext, which other Meta apps that share the same Apple Developer Team ID (e.g., Facebook, Instagram, Messenger) can access without user notification; the issue exposes message history, contacts, and Signal Protocol session state at rest and is mitigable by removing co‑installed Meta apps, enabling encrypted backups, or Apple enforcing encryption for shared containers.