Gaia uncovers how cosmic collisions sculpt the strange spins of asteroids.
Get the latest international news and world events from around the world.
NASA’s Perseverance Rover Reveals Mars’ Watery Past and Clues to Ancient Life
NASA’s Perseverance rover has uncovered powerful new evidence that Mars’ Jezero Crater once hosted multiple rounds of flowing water, each creating conditions that could have supported life.
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
It’s assessed that the attacks involved sending via WhatsApp malicious images in the form of DNG (Digital Negative) files, with evidence of LANDFALL samples going all the way back to July 23, 2024. This is based on DNG artifacts bearing names like “WhatsApp Image 2025/02/10 at 4.54.17 PM.jpeg” and “IMG-20240723-WA0000.jpg.”
Itay Cohen, senior principal researcher at Palo Alto Networks Unit 42, told The Hacker News that they have not observed any significant functional changes between the samples from July 2024 and February 2025, when the most recent LANDFALL artifact was uploaded to VirusTotal.
LANDFALL, once installed and executed, acts as a comprehensive spy tool, capable of harvesting sensitive data, including microphone recording, location, photos, contacts, SMS, files, and call logs.
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
A threat actor exploited a zero-day vulnerability in Samsung’s Android image processing library to deploy a previously unknown spyware called ‘LandFall’ using malicious images sent over WhatsApp.
The security issue was patched this year in April, but researchers found evidence that the LandFall operation was active since at least July 2024, and targeted select Samsung Galaxy users in the Middle East.
Identified as CVE-2025–21042, the zero-day is an out-of-bounds write in libimagecodec.quram.so and has a critical severity rating. A remote attacker successfully exploiting it can execute arbitrary code on a target device.
Malicious NuGet packages drop disruptive ‘time bombs’
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices.
The embedded malicious code uses a probabilistic trigger, so it may or may not activate depending on a set of parameters on the infected device.
NuGet is an open-source package manager and software distribution system, enabling developers to download and include ready-to-run. NET libraries for their projects.
