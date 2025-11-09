Sometimes, timing really is everything. Just days apart, two major developments have shaken Samsung users — confirmation of a spyware attack that led to an emergency update earlier this year, and news that several Samsung phones will no longer receive software updates.

The spyware confirmation comes from Palo Alto Networks’ Unit 42, which revealed details about a previously unknown Android spyware family named LANDFALL. This attack exploited a zero-day vulnerability in Samsung’s Android image processing library. According to the report, the spyware spread through malicious image files that appeared to be sent via WhatsApp.

Unit 42 explained that the flaw, tracked as CVE-2025-21042, is not an isolated incident. Instead, it’s part of a broader trend of similar vulnerabilities discovered across multiple mobile platforms. The good news is that Samsung patched the issue in April 2025. However, the full details of the exploit and the commercial-grade spyware used have not yet been made public.

Over the past year, Android users have faced a rise in spyware and zero-day attacks. These types of vulnerabilities allow hackers to secretly access devices before companies even know the issue exists. Samsung acted quickly when the problem surfaced, pushing an emergency update earlier this year to protect users.

Security experts say that since the flaw was fixed months ago, there is no ongoing risk to current Samsung users who have installed the latest updates. However, that protection only applies to phones still receiving security patches. Many older Samsung models are no longer eligible for regular updates — and that’s where the new warning comes in.

According to SammyFans, five Samsung phones have officially reached the end of their software support as of November 2025. This means these devices will no longer receive new security updates or patches, leaving them vulnerable to any new exploits discovered in the future.

While Samsung did not specify which models are affected in its public statement, the news highlights a growing problem across the Android ecosystem. Millions of users worldwide still rely on outdated devices that no longer receive protection against modern threats. Experts estimate that over one billion Android devices globally have stopped receiving updates — a significant portion of them from Samsung.

This situation creates a serious risk. Even though the LANDFALL spyware was patched earlier this year, older phones remain unprotected from future attacks. Hackers often target unsupported devices because they can exploit unpatched vulnerabilities with ease.

Cybersecurity analysts recommend users check their phone’s update status and consider upgrading if their device is no longer supported. Using security apps, avoiding suspicious links or files, and keeping WhatsApp and other messaging apps updated can also help reduce risk.

The confirmation of the LANDFALL spyware attack serves as a reminder that smartphone security depends on timely updates. As Samsung moves forward with newer devices, millions of older phones are being left behind — and unfortunately, so is their protection.