A zero-day vulnerability in Samsung's Android image processing library allowed the deployment of LandFall spyware through malicious images sent via WhatsApp. This spyware targets specific Galaxy models and can record calls, track locations, and access personal data.

Microsoft has addressed multiple zero-day vulnerabilities in Windows and Office that hackers are actively exploiting. These flaws allow attackers to execute malware with minimal user interaction, primarily through malicious links and files. Security experts warn of a high risk of system compromise and ransomware deployment.

Amazon's threat intelligence teams discovered an advanced threat actor using zero-day vulnerabilities in Cisco and Citrix systems. The actor deployed custom malware to gain unauthorized access, highlighting the risks to critical identity and network access control infrastructures.

Samsung has addressed a critical remote code execution vulnerability (CVE-2025-21043) affecting Android devices running version 13 or later, which was exploited in zero-day attacks. Discovered in a closed-source image parsing library, the flaw allows attackers to execute malicious code remotely. Meta and WhatsApp reported the vulnerability, highlighting the importance of keeping devices updated to mitigate such risks.