InfoSecBulletin Cybersecurity for mankind
Samsung released its monthly Android security updates, addressing a vulnerability exploited in zero-day attacks. CVE-2025-21043 (CVSS score: 8.8) is a vulnerability that allows an out-of-bounds write, potentially leading to arbitrary code execution.
“Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in an advisory. “The patch fixed the incorrect implementation.”
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
Microsoft June Patches 200 Vulnerabilities including 3 zero days
World’s first wind power underwater data center is now live
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the WildÂ
AI-designed First ‘universal vaccine’ tested in humans
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
Hacker now exploits recently patched SolarWinds Serv-U flaw
Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
Ransomware Crisis Deepens: 4,089 Victims Hit Across 121 Countries in 2026
A 2020 report from Google Project Zero states that libimagecodec.quram.so is a proprietary image parsing library by Quramsoft that supports multiple image formats.
A critical issue identified by the South Korean electronics giant impacts Android versions 13 to 16. The company was privately informed about the vulnerability on August 13, 2025.
Samsung did not share any specifics on how the vulnerability is being exploited in attacks and who may be behind these efforts. However, it acknowledged that “an exploit for this issue has existed in the wild.”
The update follows Google’s announcement of fixing two security vulnerabilities in Android (CVE-2025-38352 and CVE-2025-48543) that have been used in targeted attacks.
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
