CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp.
Tracked as CVE-2025-21042, the flaw is an out-of-bounds write in Samsung's libimagecodec.quram.so library that allows remote attackers to gain code execution on devices running Android 13 and later.
