Varindia
Landfall Spyware Exploits Samsung Galaxy Zero-Day Vulnerability
First seen 23 Nov 2025, 12:25 UTC
•



+9
•72% similarity
•56.5
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A sophisticated spyware named 'Landfall' targeted Samsung Galaxy phones for nearly a year, exploiting a zero-day vulnerability in Samsung's image-processing library. Discovered by Palo Alto Networks' Unit 42, the campaign primarily affected users in the Middle East and utilized maliciously crafted images sent via WhatsApp to compromise devices without user interaction. The vulnerability, tracked as CVE-2025-21042, was patched by Samsung in April 2025.
ThreatCluster AI