WhatsApp Chat Histories Exposed in Unencrypted Storage on macOS and iOS

Security researchers found that WhatsApp stores chat histories in plaintext within a shared app group container (group.com.facebook.family) on iOS and macOS, allowing other apps from the same developer ecosystem or an attacker who bypasses OS protections to access messages; this risk is amplified by a disclosed macOS Archive Utility vulnerability (CVE-2026-28910) that can bypass the App Sandbox and enable extraction of protected app containers and backups. Researchers demonstrated backup extraction and a proof-of-concept combining the storage behavior and sandbox bypass, but no large-scale exploitation has been reported; recommended mitigations include enabling encrypted backups, keeping systems updated, using strong device-level encryption and passcodes, and limiting apps from the same developer ecosystem.