C. Scott Brown / Android Authority
TL;DR
- A cybersecurity group has apparently created a root exploit for some Galaxy S26 phones.
- The exploit gave root access to Galaxy S26 and S26 Plus phones powered by the Exynos 2600 processor.
- One of the researchers also reported that they got Magisk up and running on one of these devices.
Major manufacturers have increasingly locked down their Android phones over the years, preventing users from gaining root access. Samsung is no different, as it keeps the Galaxy S26 series under lock and key. However, some Galaxy S26 models have just been cracked wide open via an apparent root exploit.
Cybersecurity group Dark Navy reported on X (thanks, Dylan H!) that they’ve uncovered a root exploit in Exynos-powered Galaxy S26 and Galaxy S26 Plus models. This doesn’t apply to the Galaxy S26 Ultra as it’s exclusively powered by Snapdragon silicon.
We obtained root privilege on the S26 (Exynos 2600 Chipset), the latest flagship smartphone from Samsung. To our knowledge, this is the first root exploit for Exynos S26 since Samsung removed bootloader unlocking option in One UI 8. It is exploitable from APP context, so we make… pic.twitter.com/jy0KtWpgEF
Don’t want to miss the best from Android Authority?
The group apparently used AI in concert with “a few rounds of natural language conversations” to create the root exploit. An accompanying video (seen above) shows the exploit being triggered via a simple app. Furthermore, a Dark Navy security researcher subsequently reported that the team has root utility Magisk working on the Exynos Galaxy S26 as a result of this exploit.
For the uninitiated, a root exploit grants users elevated access to their device. This privileged access can be used for a variety of reasons, such as more extensive system customization (e.g., removing bloatware), in-depth performance tweaks, task automation, and more. Banking clients and a few other apps don’t typically support rooted devices, although the aforementioned Magisk app can address some of these downsides.
This news comes less than a year after Samsung removed bootloader unlocking on devices outside the US. The company had previously removed this option from US devices. This move effectively halted the development of custom ROMs for modern Samsung devices.
The news also comes almost two months after Xiaomi’s security lab discovered an exploit to enable bootloader unlocking on the firm’s Snapdragon 8 Elite Gen 5 phones. However, this exploit was patched as part of security updates in early March.
Thank you for being part of our community. Read our Comment Policy before posting.