LANDFALL是一种利用三星零日漏洞(CVE-2025-21042)的商业级Android间谍软件,通过WhatsApp发送武器化DNG图像实现零点击攻击三星Galaxy设备。该漏洞属于更大规模的DNG图像解析漏洞利用活动的一部分,影响了三星和苹果设备。 2025-11-7 22:15:51 Author: www.reddit.com(查看原文) 阅读量:5 收藏
LANDFALL — a commercial-grade Android spyware exploiting a now-patched Samsung zero-day (CVE-2025-21042) through weaponized DNG images sent via WhatsApp, enabling zero-click compromise of Samsung Galaxy devices.
This isn't an isolated incident. LANDFALL is part of a larger DNG exploitation wave. Within months, attackers weaponized image parsing vulnerabilities across Samsung (CVE-2025-21042, CVE-2025-21043) and Apple (CVE-2025-43300 chained with WhatsApp CVE-2025-55177 for delivery)
It seems like DNG image processing libraries became a new attack vector of choice – suspiciously consistent across campaigns. Samsung had two zero-days in the same library, while a parallel campaign hit iOS - all exploiting the same file format. Should we expect more?
如有侵权请联系:admin#unsafe.sh