
Samsung has issued an urgent warning to all Galaxy users after discovering a serious security vulnerability that is being actively exploited. The issue directly affects devices running Android 13 and above, including the Galaxy S25 and Galaxy S25 Edge. To fix it, Samsung has urgently released a patch in the September security update.
The vulnerability, tracked as CVE-2025-21043 and reported by WhatsApp, is rated at the most serious risk level. It comes from Quramsoft's image analysis library. An attacker only needs to send a malicious image, and as soon as the device processes it, the malicious code enters memory, opening the way to full control of the device.
What's scarier is that this is a zero-click attack: you don't need to click or open anything, and the attack still happens automatically in the background. This leaves the user completely unaware that their device has been compromised. Attacks of this type are often extremely sophisticated and difficult to carry out, but if successful, the consequences are huge.

According to experts, the main targets of this type of attack are influential figures, such as politicians, journalists, diplomats, or defense experts. Even the iPhone was hit by a similar bug last month, and an emergency patch had to be released via WhatsApp.
To avoid becoming a victim, Samsung recommends that users update immediately when there is a new notification. You can check by going to Settings > Software update > Download and install. Since patches are deployed by region, model, and carrier, you may not see the update right away, but install it as soon as possible.
Even if you are not a celebrity, don't be complacent. A phone that has not been updated is always a tempting target for hackers. Keeping your Galaxy up to date with the latest software and security updates is the simplest way to protect yourself.
SamFw

