If you have a Samsung phone, you'll want to update it immediately. Samsung just issued an urgent warning about active attacks targeting Galaxy smartphones, like the Samsung Galaxy S25 and Galaxy S25 Edge, and has updated its September security patch to fix the vulnerability ASAP.
The vulnerability impacts devices running Android 13 or newer. The flaw, tracked as CVE-2025-21043, was reported by WhatsApp, according to Samsung's security blog. Samsung confirmed that it “was notified that an exploit for this issue has existed in the wild.”
It has to do with a flaw in third-party image-parsing library, which could let attackers execute malicious code on Galaxy devices. At this time, there's no telling whether the issue is limited to just WhatsApp or extends to other messenging platforms. Given WhatsApp's extensive userbase of around 3 billion users, the pool of potential victims vulnerable to these kind of hacking attempts is enormous.
These kind of zero-click attacks, i.e. when hackers leverage a data verification loophole to remotely control your device, are extremely rare. When they do surface, they’re typically weaponized by nation-states in espionage campaigns targeting politicians, diplomats, journalists, defense personnel, and other high-profile targets.
First iPhones, now Galaxy phones
Last month, WhatsApp patched a similar high-severity vulnerability affecting the best iPhones in the wake of a handful of zero-click attacks against high-profile individuals. In a security advisory, WhatsApp said it had fixed an “incomplete authorization of linked device synchronization messages in WhatsApp” bug which, “could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.”
According to the advisory, the bug was chained with another vulnerability the company addressed earlier in August. Together, the two were exploited “in a sophisticated attack against specific targeted users.”
How to keep your Galaxy phone safe from hackers
As with all of the best Android phones, the most important thing you can do to keep your Galaxy phone safe from hackers is to keep your operating system and apps up to date. The problem for Samsung users is that, when it comes to urgent fixes, the rollout tends to be more piecemeal. Unlike the instant, universal updates pushed to Pixels and iPhones, Galaxy patches roll out gradually by model, region, and carrier. In the meantime, many Galaxy users will be left twiddling their thumbs as One UI 8 trickles out.
If your phone is on Samsung’s monthly update schedule, the patch will reach you eventually. Just be sure to install it right away and reboot your device ASAP once it arrives. Even if your device comes from a manufacturer that doesn’t release updates often, don’t panic just yet: There are still plenty of steps you can take to safeguard your phone and the sensitive data on it.
Consider running one of the best Android antivirus apps since most are not only updated on a more frequent basis but also include useful extras like access to one of the best VPNs or a password manager to help protect your privacy and your credentials.
Whether you're scrolling on a phone, tablet, or computer, the simplest way to stay safe from hackers is by installing updates and security patches as soon as they’re available. Attackers love to prey on devices running outdated software. When you're shopping for a new phone, it’s easy to focus on screen size or storage, but security updates and how many years of support you get are just as important.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Tom's Guide
- Samsung Galaxy S26 Ultra leak just revealed bad news for the camera
- The rise of Samsung: Why Apple is losing ground in the smartphone war
- iPhone 17 Pro Max vs Samsung Galaxy S25 Ultra: Which flagship will win?
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
