2025-11-08
It seems like DNG image processing libraries became a new attack vector of choice - suspiciously consistent across campaigns. Samsung had two zero-days in the same library, while a parallel campaign hit iOS - all exploiting the same file format. Should we expect more? 👀 3/
The Record
Unit 42: “commercial grade” spyware called Landfall, likely zero-click, was used in a hacking campaign aimed at Samsung Galaxy phones in the Middle East
Security researchers on Friday revealed the discovery of “commercial grade” spyware used in a 9-month-long hacking campaign aimed …
This isn't an isolated incident. #LANDFALL is part of a larger DNG exploitation wave. Within months, attackers weaponized image parsing vulnerabilities across Samsung (CVE-2025-21042, CVE-2025-21043) and Apple (CVE-2025-43300 chained with WhatsApp CVE-2025-55177 for delivery). 2/ [image]
In its debug strings, LANDFALL's loader calls itself “Bridge Head”. That's notable — “Bridge Head” is a common nickname used by some private-sector offensive cyber companies (including Variston, NSO, and others) for first-stage loaders. 6/ [image]
#LANDFALL enabled comprehensive surveillance, including microphone recording, location tracking and collection of photos, contacts, call logs, and more. Our analysis focuses on its loader component, which serves as the entry point for a broader LANDFALL framework. 5/