CISA has ordered U.S. federal agencies to urgently patch a critical Samsung vulnerability, CVE-2025-21042, exploited since mid-2024 to deploy LandFall spyware via malicious WhatsApp messages. The flaw enables remote code execution on high-end Samsung devices, compromising sensitive data like calls, locations, and files. All organizations are urged to prioritize this update amid escalating mobile security threats.