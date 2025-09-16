erek
Commercial Spyware’s Advantage
“Plus, around the same time as Apple and Meta's zero-day disclosures, Donncha Ó Cearbhaill, the head of Amnesty International's Security Lab, also sounded the alarm on a zero-click exploit being used to hack WhatsApp users.
"Early indications are that the WhatsApp attack is impacting both iPhone and Android users, civil society individuals among them," he said on social media. "Our team at Amnesty International's Security Lab is actively investigating cases with a number of individuals targeted in this campaign."
Then last week, Samsung fixed a critical flaw exploited as a zero-day in its Android devices that sounds just like the Apple and WhatsApp issues.
The vulnerability, tracked as CVE-2025-21043, affects Android OS versions 13, 14, 15, and 16. It's due to an out-of-bounds write vulnerability in libimagecodec.quram.so, a parsing library used to process image formats on Samsung devices, which remote attackers can abuse to execute malicious code.
"Samsung was notified that an exploit for this issue has existed in the wild," the electronics giant noted. ”
Source: https://www.theregister.com/2025/09/16/apple_0day_spy_attacks/
