Samsung has fixed a critical remote code execution vulnerability (CVE-2025-21043) affecting Android devices, which was exploited in real-world attacks. Additionally, WhatsApp patched a zero-click vulnerability (CVE-2025-55177) linked with sophisticated spyware campaigns. #CVE202521043 #CVE202555177
Keypoints
- Samsung addressed a remote code execution flaw in its Android devices through a security update.
- The vulnerability exists in the libimagecodec.quram.so library and can be exploited remotely.
- WhatsApp patched a zero-click spyware exploit on iOS and macOS, linked to targeted attacks.
- Attackers are actively exploiting these vulnerabilities in the wild, posing serious threats to users.
- Prompt software updates and device resets are recommended to mitigate these security risks.