The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Landfall Android Spyware

Nov 17, 2025 12:33:16 PM / by The Hivemind posted in Threat Bulletin, Android Malware, DNG exploit, Landfall spyware, CVE-2025-21042, Samsung zero-day, mobile espionage, SELinux manipulation

0 Comments

Verticals Targeted: Not specified
Regions Targeted: Middle East
Related Families: None

Executive Summary

A novel Android spyware family, dubbed Landfall, leveraged a zero-day vulnerability in Samsung's image processing library to compromise Galaxy devices. The campaign, active since mid-2024, enabled extensive surveillance capabilities and remained undetected until historical samples were analyzed post-patch.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More