Samsung mobile devices are at risk due to a critical vulnerability known as CVE-2025-21042, which allows remote attackers to execute arbitrary code without user interaction. This zero-day flaw has been reportedly exploited to deploy LANDFALL spyware through malicious image files. The vulnerability stems from an out-of-bounds write issue in Samsung’s image processing library, leading to device takeover and potential data compromise.
The US Cybersecurity and Infrastructure Security Agency (CISA) has included this vulnerability in its Known Exploited Vulnerabilities catalog, indicating the urgency of addressing the issue. Samsung had patched this flaw in April 2025, but active exploitation has been observed in the wild with sophisticated attack methods. Malicious actors have been utilizing booby-trapped Digital Negative image files sent through messaging apps to leverage this vulnerability, making it easier for them to compromise devices without any user action required. Users are urged to stay vigilant and follow best security practices to mitigate these threats.
👉 Pročitaj original: Malware Bytes
