WhatsApp Introduces Incognito Mode for AI, Patches Two Major Security Flaws

While Meta launches private, unlogged AI chats, users must urgently update the platform to protect against sophisticated media-handling and file execution vulnerabilities.

Credit · BBC

Key facts

  • WhatsApp, owned by Meta, has launched an 'incognito' mode for private AI chats in which neither the user's inputs nor the AI's responses are logged.
  • The Incognito mode is not the same as end-to-end encryption but offers comparable privacy for AI conversations.
  • Meta published patches for two vulnerabilities: CVE-2026-23866 (media loading) and CVE-2026-23863 (Windows file handling).
  • CVE-2026-23866 affects how AI-generated 'rich response messages' embed Instagram Reels.
  • CVE-2026-23863 affects WhatsApp for Windows before version 2.3000.1032164386.258709.
  • Meta boss Mark Zuckerberg noted Meta AI reached one billion users across Meta's applications.

Unlogged AI Conversations Raise Accountability Concerns

WhatsApp now offers an ‘incognito’ mode for its AI chatbot, allowing users to conduct highly private conversations that are inaccessible even to the company itself. The feature ensures that neither the user's inputs nor the AI's responses are monitored if the mode is activated, and all past chat history vanishes for the user. This development reflects a push to address user discomfort regarding the sharing of personal data. A senior official noted that people desire answers from AI concerning sensitive subjects, such as health, relationships, and finances, but remain hesitant to allow the company access to this information. While WhatsApp maintains that this new functionality is the 'equivalent' of the platform's existing end-to-end encryption, a cybersecurity expert warned that the unlogged status could create a significant accountability gap for WhatsApp if any issues arise from the service. Currently, most AI services retain some data from chatbot usage, which can be employed to train future product models, particularly if the account is not a paying enterprise client. This contrast makes the lack of logged conversations a crucial privacy feature, though it fundamentally alters Meta’s ability to audit misuse.

Urgent Patches Address Deep Vulnerabilities in Media Handling

Concurrently, Meta issued a critical security advisory, patching two distinct vulnerabilities within the WhatsApp messaging app. These fixes address flaws that, if exploited, could compromise how media and attachments are processed on a user’s device. Meta confirmed that while no evidence currently exists of these two bugs being exploited in the wild, they significantly lower the threshold for executing social engineering attacks. The vulnerabilities do not automatically infect devices but could be chained with other security flaws to enable more severe breaches. The first issue, identified as CVE-2026-23866, specifically targets how WhatsApp handles AI-generated 'rich response messages' that incorporate Instagram Reels. Affected versions on both iOS and Android permit a specially crafted message to force the app to load media from an attacker-controlled web address. This method allows a 'booby-trapped' message to potentially prompt a device into opening content from an untrusted source, bypassing normal security checks.

Windows Flaw Allows File Deception for Social Engineering

The second vulnerability, tracked as CVE-2026-23863, impacts the WhatsApp application running on Windows prior to version 2.3000.1032164386.258709. This bug concerns how the platform manages filenames containing embedded NUL bytes. In essence, the flaw could trick the interface into displaying a file type as benign—for instance, a harmless PDF—while the underlying operating system treats it as an executable file. Such deception is a classic technique used in social engineering, urging a user to click a safe-looking file that secretly executes malicious code. Meta advises users to update the application and restart it immediately after applying the patches to ensure the changes are fully implemented across the system. Updates are readily accessible via the Google Play Store, though regional availability may cause delays.
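The general class of problem described above can be checked for on the receiving side. The following is an added example, not code from Meta or WhatsApp: it compares the extension seen by a component that reads the whole filename string with the extension seen by one that stops at the first NUL byte, and rejects any name on which the two disagree. The function names, the extension list and the sample filename are assumptions constructed for illustration; the article does not say which component in WhatsApp truncates the name.

```python
import os

# Illustrative subset of extensions Windows runs on double-click (assumption).
EXECUTABLE_EXTS = {".exe", ".scr", ".bat", ".cmd", ".com", ".msi", ".vbs", ".lnk"}


def _ext(name: str) -> str:
    """Lower-cased extension of a filename, pure string handling."""
    return os.path.splitext(name)[1].lower()


def views(name: str) -> dict:
    """Extension as seen by a full-string reader and by a reader that
    treats the name as NUL-terminated (C-string semantics)."""
    return {"full": _ext(name), "c_string": _ext(name.split("\x00", 1)[0])}


def check_attachment_name(name: str) -> list:
    """Return a list of findings; an empty list means the name is acceptable."""
    findings = []
    if "\x00" in name:
        findings.append("embedded NUL byte")
    # Other control characters can also distort how a name is rendered.
    if any((ord(c) < 0x20 or ord(c) == 0x7F) and c != "\x00" for c in name):
        findings.append("control character")
    v = views(name)
    if v["full"] != v["c_string"]:
        findings.append(
            "extension mismatch: %r vs %r" % (v["full"], v["c_string"])
        )
    if EXECUTABLE_EXTS & set(v.values()):
        findings.append("executable extension in at least one view")
    return findings


if __name__ == "__main__":
    # Constructed sample names, not taken from any real message.
    for sample in ["report.pdf", "setup.exe", "invoice.exe\x00.pdf"]:
        print(repr(sample), "->", check_attachment_name(sample) or "ok")
```

A receiver applying this check would refuse or rename the attachment whenever the list is non-empty, rather than trying to guess which interpretation the operating system will use.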

AI Adoption Fuels Desire for Unmonitored Chat Spaces

Mark Zuckerberg highlighted the phenomenal success of the integration, stating that Meta AI had reached one billion users across its family of applications. This growth underscores a public appetite for sophisticated digital assistants. The development of an unlogged AI space directly addresses a recognized tension: users crave the utility of AI answers but fear the loss of privacy and the potential for corporate surveillance over their most personal exchanges. The initial integration of Meta AI into WhatsApp last year had drawn criticism, with some users vociferously objecting to the inability to simply switch the feature off. While the technology behind the incognito mode is distinct from WhatsApp's core end-to-end encryption, proponents argue that its function is equivalent in providing a heightened level of conversation privacy, despite the accompanying risks.

The bottom line

  • The 'incognito' AI mode for WhatsApp eliminates logs of chat history and user inputs, presenting a major privacy benefit but also forfeiting Meta’s audit trail for troubleshooting.
  • Users must check for and apply patches for two vulnerabilities—CVE-2026-23866 (media) and CVE-2026-23863 (Windows files)—to prevent social engineering attacks.
  • The Android/iOS vulnerability (CVE-2026-23866) enables a specially crafted rich response message to force the loading of external, untrusted media content.
  • The Windows vulnerability (CVE-2026-23863) allows attackers to disguise executable files by exploiting filename handling of NUL bytes, facilitating deception.