Mastodawn

ICYMI... 🫩🫠

https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
;
See also:
https://youtu.be/FDeMq8W4-sU
•
https://nvd.nist.gov/vuln/detail/CVE-2025-48561
•
https://www.pixnapping.com/pixnapping.pdf
•
Also;
“... As of October 2025, Google has not committed to patching our app list bypass vulnerability. They resolved our report as "won't fix (infeasible)".”

#android #landfall #malware #exploit #hardwarevulnerability #pixnapping #TAC_UCB #PixnappingAttack #maliciousapp #rendering #compositing #vsync #masking #encoding #surfaceflinger #callback

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices

Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.

Unit 42

smxi Nov 7, 2023

Some nice datasets and issues for #inxi - Got a rooted #Android dataset, and realized I can detect the #SurfaceFlinger compositor and thus show some data for Display: Also, the recent #Vulkan API upgrade works on android in #termux if you install the vulkan-tools package. Also fixed some partition stuff.

Even better, and also now running in #pinxi is finally finding a way to lock down #DRM vs #Xorg port ID string mapping without using hacks. Works on all DRM driver + #xrandr situations.