The discovery that hackers could snoop on WhatsApp should alert users of supposedly secure messaging apps to an uncomfortable truth: "End-to-end encryption" sounds nice - but if anyone can get into your phone's operating system, they will be able to read your messages without having to decrypt them.

According to a report in the Financial Times on Tuesday, the spyware that exploited the vulnerability was Pegasus, made by Israeli company NSO. The malware could access a phone's camera and microphone, open messages, capture what appears on a user's screen, and log keystrokes - rendering encryption pointless.