It’s assessed that the attacks involved sending via WhatsApp malicious images in the form of DNG (Digital Negative) files, with evidence of LANDFALL samples going all the way back to July 23, 2024. This is based on DNG artifacts bearing names like “WhatsApp Image 2025/02/10 at 4.54.17 PM.jpeg” and “IMG-20240723-WA0000.jpg.”
Itay Cohen, senior principal researcher at Palo Alto Networks Unit 42, told The Hacker News that they have not observed any significant functional changes between the samples from July 2024 and February 2025, when the most recent LANDFALL artifact was uploaded to VirusTotal.
LANDFALL, once installed and executed, acts as a comprehensive spy tool, capable of harvesting sensitive data, including microphone recording, location, photos, contacts, SMS, files, and call logs.
A threat actor exploited a zero-day vulnerability in Samsung’s Android image processing library to deploy a previously unknown spyware called ‘LandFall’ using malicious images sent over WhatsApp.
The security issue was patched this year in April, but researchers found evidence that the LandFall operation was active since at least July 2024, and targeted select Samsung Galaxy users in the Middle East.
Identified as CVE-2025–21042, the zero-day is an out-of-bounds write in libimagecodec.quram.so and has a critical severity rating. A remote attacker successfully exploiting it can execute arbitrary code on a target device.
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices.
The embedded malicious code uses a probabilistic trigger, so it may or may not activate depending on a set of parameters on the infected device.
NuGet is an open-source package manager and software distribution system, enabling developers to download and include ready-to-run. NET libraries for their projects.
@The researchers have revealed a mechanism that triggers metastasis of hepatocellular carcinoma (HCC)—the most common type of primary liver cancer—through the production of acetate by tumor-associated macrophages.
Acetate is important to cancer metastasis because it promotes the synthesis of acetyl-coenzyme A (acetyl-CoA), which is a pivotal metabolic intermediate in the catabolism of glucose, lipids, and amino acids, as well as the biosynthesis of lipids and the TCA cycle. Acetyl-CoA also functions as a signaling molecule due to its role in lysine acetylation. Increased acetyl-CoA production is characteristic of metastatic cancers.
Researchers have known that acetate levels in the blood are significantly lower than in cancer tissues, suggesting the presence of acetate-producing cells within the cancer microenvironment. However, the exact source of acetate in the cancer microenvironment was previously unclear.
The researchers have now identified a key acetate source by revealing how HCC cells trigger acetate secretion by tumor-associated macrophages (TAMs) through a metabolic interaction involving lactate and the lipid peroxidation–aldehyde dehydrogenase 2 (ALDH2) pathway.
