TI Mindmap HUB
Threat Intelligence Report

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

๐Ÿ“… November 8, 2025 ๐Ÿ“ฐ unit42.paloaltonetworks.com ๐Ÿ” 4 CVE(s) referenced

Unit 42 uncovered LANDFALL, a stealthy commercial-grade Android spyware targeting Samsung devices via a zero-day image processing vulnerability, enabling comprehensive surveillance and data theft through malicious image files sent over WhatsApp in a campaign linked to Middle Eastern offensive actors.

vendor
CVE-2025-21042, CVE-2025-21043, CVE-2025-43300, CVE-2025-55177

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle