Techcrunch
Landfall Spyware Exploits Samsung Galaxy Zero-Day Vulnerability
First seen 2 Dec 2025, 18:33 UTC
•



+28
•72% similarity
•54.8
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A sophisticated spyware named Landfall targeted Samsung Galaxy phones for nearly a year, exploiting a zero-day vulnerability in Samsung's image processing library. Discovered by Palo Alto Networks' Unit 42, the malware was delivered through malicious images sent via WhatsApp, affecting users primarily in the Middle East. The vulnerability, tracked as CVE-2025-21042, was active from July 2024 until it was patched in April 2025.
ThreatCluster AI