Recently you could read the following news at heise.de (https://heise.de/-4421379) (translated):
WhatsApp has a vulnerability (CVE-2019-3568) that allows unauthorized remote access to the device. The attacker can simply smuggle the spyware into a device through a WhatsApp call, even if the called party does not pick it up. Since Monday evening there is a patch.
Also, there were reports last year that WhatsApp will scan messages to show personalized ads, which is probably the case now.
These and several other events of this kind (I also recall the “Cambridge Analytica” scandal on Facebook) have kept me from installing and using WhatsApp on any of my devices and I will not do that in the future.
Those who use WhatsApp should be aware that you are potentially vulnerable. On the one hand WhatsApp’s source code is not open source, so no one knows what backdoors and security vulnerabilities exist, and on the other hand WhatsApp is also an attractive target for attacks due to the huge number of users.
Alternative to WhatsApp
As an alternative I can recommend “Signal”. This is a free messenger whose sources are also disclosed and which is also recommended by security experts. Even Edward Snowden uses and recommends this app. As with WhatsApp, the mobile number for logging in and contacting other people is sufficient, whereby the operator of Signal does not have access to this data and all messages are encrypted and can only be read by the persons involved.
Furthermore, you can create groups as in WhatsApp to share messages together and also perform encrypted audio and video calls with it. Under Android Signal can also be used for SMS (with iOS this is not possible for technical reasons).
There are also desktop applications available which only work with the app installed on a smartphone first. The desktop applications are authorized using a QR code that is displayed on the desktop and scanned by the smartphone app.
Website of Signal: https://signal.org
Sources at Github: https://github.com/signalapp