CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks
Samsung makes phones, chips, and connected devices whose software flaws, firmware updates, and supply-chain risks can affect data and system security.
Search across headline titles and summaries.
Background for this topic.
Samsung is a manufacturer of smartphones, tablets, wearables, televisions, appliances, and related software; in security coverage, the term most often concerns Galaxy mobile devices, their Android-based firmware, and enterprise controls such as Samsung Knox. Its large installed base makes Samsung firmware, preinstalled applications, and device-management interfaces relevant attack surfaces for both consumers and organizations.
Security news may involve vulnerabilities in the Android framework, Samsung components, drivers, boot chain, or bundled applications, as well as the availability and scope of monthly device updates. Practitioners should track affected models and software versions, apply vendor patches, and account for devices that no longer receive updates. Knox features can support hardware-backed key storage, secure boot, work-profile separation, and centralized policy enforcement, but their protection depends on configuration and the underlying device lifecycle. Privacy reviews should also consider permissions, telemetry, and data handled by Samsung services.
Weekly headline count for the current query.
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks
Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch
ThreatFabric said the campaign has evolved since last year, employing sophisticated methods and mainly targeting Samsung devices
ESET said BadBazaar was available via the Google Play Store, Samsung Galaxy Store and various app sites
Four of these vulnerabilities enabled potential attackers to perform remote code execution
The feature provides a sandbox layer isolating some image files from the rest of the device
Both issues reportedly affected only Samsung devices running Android 12 and below
Personal info of "certain customers" was affected
Tech company confirms source codes for Galaxy devices among data snatched in cyber-attack