A zero-day vulnerability in Samsung's Android image processing library allowed the deployment of LandFall spyware through malicious images sent via WhatsApp. This spyware targets specific Galaxy models and can record calls, track locations, and access personal data.

The lotusbail npm package masquerades as a legitimate WhatsApp API library but contains sophisticated malware that steals user credentials, messages, and contacts. It captures data by intercepting communications and uses custom encryption to evade detection. Even after uninstalling the package, attackers retain access to compromised accounts.

WhatsApp has integrated Rust to improve security in its media handling, protecting users from potential malware threats. This upgrade follows lessons learned from past vulnerabilities, enabling faster and safer media sharing across billions of devices.