India, Dec. 21 -- The Indian Computer Emergency Response Team (CERT-In) has issued an advisory on a vulnerability in the WhatsApp "device-linking" feature that enables attackers to take "complete" control of an account, including access to real-time messages, photos, and videos on the web version.

Known as 'GhostPairing', the CERT-In issued an advisory, terming it a 'high' severity rating, which enables cybercriminals to take complete control of WhatsApp accounts without needing passwords or SIM swaps. It has been reported that malicious actors are exploiting WhatsApp's device-linking feature to hijack accounts using pairing codes without an authentication requirement.

The advisory further read, "The campaign usually begins with victims...