Samsung Patches Zero-Day Security Flaw Used to Hack Into Its Customers’ Phones

Samsung confirmed that it has patched a zero-day security vulnerability that attackers were actively using to break into customers’ devices.

The company explained that the flaw, located in a software library responsible for handling image files on Samsung phones, could allow hackers to execute malicious code remotely. The issue affected devices running Android 13 up to the latest release, Android 16.

According to Samsung’s advisory, security researchers from Meta and WhatsApp privately disclosed the bug on August 13, warning that the exploit was already circulating “in the wild.” However, Samsung did not provide details about which specific models were impacted.

The flaw is categorised as a zero-day because attackers exploited it before Samsung had an opportunity to release a fix. At present, it remains unclear who orchestrated the attacks or how many customers were affected. Samsung did not respond to media requests for comment before publication.

The timing of Samsung’s patch coincides with broader efforts by major tech firms to block a large-scale spyware campaign. Both Apple and WhatsApp issued separate security updates in August to counter vulnerabilities that had been leveraged to compromise iPhones and Android devices.

WhatsApp told TechCrunch it had notified fewer than 200 users who were directly targeted or breached. Apple, meanwhile, has said little beyond describing the exploit as part of an “extremely sophisticated attack” aimed at carefully selected individuals.

Apple also continues to send warnings to potential victims of spyware operations, urging them to seek guidance from Access Now’s digital security lab. Most recently, on September 3, the company alerted an undisclosed number of customers that their devices were targeted in a campaign later confirmed by the French government.