GoKawiilC. Scott Brown / Android Authority
TL;DR A cybersecurity group has apparently created a root exploit for some Galaxy S26 phones.
The exploit gave root access to Galaxy S26 and S26 Plus phones powered by the Exynos 2600 processor.
One of the researchers also reported that they got Magisk up and running on one of these devices.
Major manufacturers have increasingly locked down their Android phones over the years, preventing users from gaining root access. Samsung is no different, as it keeps the Galaxy S26 series under lock and key. However, some Galaxy S26 models have just been cracked wide open via an apparent root exploit.
Cybersecurity group Dark Navy reported on X (thanks, Dylan H!) that they’ve uncovered a root exploit in Exynos-powered Galaxy S26 and Galaxy S26 Plus models. This doesn’t apply to the Galaxy S26 Ultra as it’s exclusively powered by Snapdragon silicon.
We obtained root privilege on the S26 (Exynos 2600 Chipset), the latest flagship smartphone from Samsung. To our knowledge, this is the first root exploit for Exynos S26 since Samsung removed bootloader unlocking option in One UI 8. It is exploitable from APP context, so we make… pic.twitter.com/jy0KtWpgEF — DARKNAVY (@DarkNavyOrg) May 11, 2026
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
The group apparently used AI in concert with “a few rounds of natural language conversations” to create the root exploit. An accompanying video (seen above) shows the exploit being triggered via a simple app. Furthermore, a Dark Navy security researcher subsequently reported that the team has root utility Magisk working on the Exynos Galaxy S26 as a result of this exploit.
... continue reading