Landfall Android Spyware Targeted Samsung Phones via Zero-Day

Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East.  The post Landfall Android Spyware Targeted Samsung Phones via Zero-Day appeared first on SecurityWeek.

A recently discovered Android spyware has been delivered to Samsung device owners through the exploitation of a zero-day vulnerability, Palo Alto Networks reported on Friday.

The spyware, named Landfall by Palo Alto Networks, exploited a vulnerability identified as CVE-2025-21042, which impacts a Samsung image processing library and which can be exploited for remote code execution. 

The attackers appear to have exploited CVE-2025-21042 by sending the targeted users a specially crafted DNG image through WhatsApp. The attacks seem to have been aimed at Samsung Galaxy phones and the threat actor may have delivered Landfall through a zero-click exploit.

Source: https://www.securityweek.com/landfall-android-spyware-targeted-samsung-phones-via-zero-day/