Source: The Hacker News
A recently patched security vulnerability in Samsung Galaxy Android devices facilitated the deployment of commercial-grade spyware known as LANDFALL. This zero-day exploit targeted users in the Middle East and was based on an out-of-bounds write flaw found in the “libimagecodec.quram.so” component of the operating system.
The bug, identified as CVE-2025-21042, has a CVSS score of 8.8, indicating a critical security risk. Attackers could leverage this flaw to execute arbitrary code remotely, thus compromising the affected devices. This incident underscores the importance of promptly applying security patches and maintaining vigilance against emerging threats that exploit such vulnerabilities.