Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA adds CVE-2025-21042 to KEV catalog

Public Sector Action
First reported
Last updated
Happening score
H score 48
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2025-21042 to the KEV catalog, triggering a formal federal response to a Samsung zero-day that had been reported as actively abused in spyware operations. The directive orders US federal agencies to apply vendor mitigations, follow BOD 22-01 cloud guidance, or discontinue use if mitigations are unavailable. Agencies must comply by December 1, and the flaw is an out-of-bounds write bug with a 9.8 CVSS score that Samsung patched in April.

Cases

Related Happenings

Amazon Q Developer MCP trust flaw (CVE-2026-12957)

Vulnerability
H score32 First: 26.06.2026 16:53 Last: 26.06.2026 16:53 Sources 1

About this happening: **Amazon Q Developer** had a **high-severity** trust-boundary flaw in **MCP server** handling that could let a malicious repository trigger commands on a developer machine and ste...

FFmpeg 8.1.2 security update (CVE-2026-8461)

Security Patch Release
H score36 First: 23.06.2026 00:05 Last: 23.06.2026 00:05 Sources 1

About this happening: **FFmpeg** shipped **version 8.1.2** to fix **CVE-2026-8461** in the **MagicYUV decoder**, closing a heap out-of-bounds write that could affect **FFmpeg-based applications**. The...

Ghost CMS CVE-2026-26980 ClickFix campaign

Campaign
H score42 First: 24.05.2026 17:12 Last: 24.05.2026 17:12 Sources 1

About this happening: A **large-scale campaign** is exploiting **CVE-2026-26980** in **Ghost CMS** to plant malicious JavaScript and drive **ClickFix** lure pages, putting exposed sites and their visit...

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
H score33 First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

CISA KEV directive for CVE-2026-20133

Public Sector Action
H score36 First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Timeline

  1. 11.11.2025 12:30 2 articles · 8mo ago

    CISA adds CVE-2025-21042 to KEV catalog

    Legal Policy Action Update

    CISA added CVE-2025-21042, an out-of-bounds write flaw with a CVSS score of 9.8, to the Known Exploited Vulnerabilities catalog and told US federal agencies to apply vendor mitigations, follow BOD 22-01 cloud guidance, or discontinue use of the product if mitigations are unavailable.

    Show sources
  2. 11.11.2025 12:30 1 articles · 8mo ago

    Public disclosure links CVE-2025-21042 to LandFall spyware

    Initial Disclosure

    Public reporting describes a spyware campaign against Samsung devices in which LandFall was embedded in malicious DNG image files sent through WhatsApp to targets in the Middle East, with possible zero-click remote code execution and surveillance capabilities including microphone recording, location tracking, and collection of photos, contacts, and call logs.

    Show sources
  3. 11.11.2025 12:30 1 articles · 8mo ago

    Federal agencies face December 1 remediation deadline

    Legal Policy Action Update

    US federal agencies must meet the December 1 deadline to apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable for CVE-2025-21042.

    Show sources