Another Pegasus-like spyware found targeting WhatsApp with MP4 files
New Delhi: If you have received an MP4 video file on WhatsApp from an unknown number, you could be a victim of a new kind of hacking which uses a recently discovered vulnerability of WhatsApp to install malicious spywares in phones.
This security vulnerability allowed a remote attacker to target phones by sending a video file in MP4 format.
When notified about the security breach, the Indian Computer Emergency Response Team (CERT) categorised the threat under "High Severity" category.
Pegasus-like features
Israel-based spyware maker NSO Group was under spotlight recently for allegedly providing technology [Pegasus spyware] that used WhatsApp's video calling feature to attack user's phones.
A security message notified by WhatsApp's parent company Facebook said, "A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user."
Identified as CVE-2019-11931, this vulnerability message is similar to the one received by CERT from WhatsApp during the Pegasus snooping case.
According to the communication, this weakness could allow a remote attacker to force "Denial of Services (DoS) and Remote Code Execution (RCE)" which could be used to compromise any device running Android, iOS or Windows.
An attacker could use a person's cell number to send a video file through WhatsApp and install an unwanted program in their phones exploiting such vulnerability.
This security issue exists on both individual and business versions of the popular messaging app until the updates were rolled out in October earlier this year.
Although the latest security patch from WhatsApp claims to have fixed this problem, WhatsApp and Facebook have not given further details about the extent of possible execution of this exploit.
This comes even as the controversy around WhatsApp snooping refuses to die down, where phones of over a dozen activists, journalists and lawyers were allegedly compromised by an Israel-made spyware.
WhatsApp has been under fire for not providing adequate information to Indian authorities about the extent of attacks during Pegasus breach. The messaging app has sued NSO Group in a US court for violating its terms and conditions.
Government sources had earlier claimed that the information provided by WhatsApp is more of a "technical jargon" which didn't give much information about victims and extent of such attacks. WhatsApp had informed users separately about possible Pegasus attack on their devices.
Similar to the Pegasus incident, this vulnerability is also being called "a stack-based buffer overflow vulnerability".
According to CERT, "The exploitation does not require any form of authentication from the victim end and executes on downloading of malicious mp4 file on victims system."
Courtesy: www.indiatoday.in
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Texas halts H-1B visas at state universities, agencies; to affect Indians
Houston (US) (PTI): Texas Governor Greg Abbott has ordered state agencies and public universities to immediately halt new H-1B visa petitions, tightening hiring rules at taxpayer-funded institutions, a step likely to impact Indian professionals.
The freeze will remain in effect through May 2027.
The directive issued on Tuesday said that the state agencies and public universities must stop filing new petitions unless they receive written approval from the Texas Workforce Commission.
The governor's order, in a red state that is home to thousands of H-1B visa holders, comes as the Trump administration has initiated steps to reshape the visa programme.
“In light of recent reports of abuse in the federal H-1B visa programme, and amid the federal government’s ongoing review of that programme to ensure American jobs are going to American workers, I am directing all state agencies to immediately freeze new H-1B visa petitions as outlined in this letter,” Abbot said.
Institutions must also report on H-1B usage, including numbers, job roles, countries of origin, and visa expiry dates, the letter said.
US President Donald Trump on September 19 last year signed a proclamation ‘Restriction on entry of certain non-immigrant workers’ that restricted the entry into the US of those workers whose H-1B petitions are not accompanied or supplemented by a payment of USD 1,00,000.
The H1-B visa fee of USD 1,00,000 would be applicable only to new applicants, i.e. all new H-1B visa petitions submitted after September 21, including those for the FY2026 lottery.
Indians make up an estimated 71 per cent of all approved H-1B applications in recent years, according to US Citizenship and Immigration Services (USCIS), with China in the second spot. The major fields include technology, engineering, medicine, and research.
Tata Consultancy Services (TCS) is the second-highest beneficiary with 5,505 approved H-1B visas in 2025, after Amazon (10,044 workers on H-1B visas), according to the USCIS. Other top beneficiaries include Microsoft (5,189), Meta (5,123), Apple (4,202), Google (4,181), Deloitte (2,353), Infosys (2,004), Wipro (1,523) and Tech Mahindra Americas (951).
Texas public universities employ hundreds of foreign faculty and researchers, many from India, across engineering, healthcare, and technology fields.
Date from Open Doors -- a comprehensive information resource on international students and scholars studying or teaching at higher education institutions in the US -- for 2022-2023 showed 2,70,000 students from India embarked on graduate and undergraduate degrees in US universities, accounting for 25 per cent of the international student population in the US and 1.5 per cent of the total student population.
Indian students infuse roughly USD 10 billion annually into universities and related businesses across the country through tuition and other expenses – while also creating around 93,000 jobs, according to the Open Doors data.
Analysts warn the freeze could slow recruitment of highly skilled professionals, affecting academic research and innovation.
Supporters say the directive protects local jobs, while critics caution it could weaken Texas’ competitiveness in higher education and research.
The order comes amid broader debate in the US over skilled immigration and state-level interventions in federal programmes.
H-1B visas allow US companies to hire technically-skilled professionals that are not easily available in America. Initially granted for three years, these can be extended for another three years.
In September 2025, Trump had also signed an executive order ‘The Gold Card’, aimed at setting up a new visa pathway for those committed to supporting the United States; with individuals who can pay USD 1 million to the US Treasury, or USD 2 million if a corporation is sponsoring them, to get access to expedited visa treatment and a path to a Green Card.
