QuaDream | Breaking Cybersecurity News | The Hacker News

Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper  Calcalist , citing unnamed sources, adding the company "hasn't been fully active for a while" and that it "has been in a difficult situation for several months." The company's board of directors are looking to sell off its intellectual property, the report further added. QuaDream, which specializes in hacking Apple devices that don't require any action on the part of the victim, is also said to have fired all its employees, with the firm undergoing significant downsizing, according to Haaretz and The Jerusalem Post . News of the purported shutdown comes as the firm's spyware framework – dubbed REIGN – was outed as  having been used  against journalists, political opposition figures, and NGO workers across...

A now-patched security vulnerability in Apple iOS that was previously found to be exploited by Israeli company NSO Group was also separately weaponized by a different surveillance vendor named QuaDream to hack into the company's devices. The development was reported by  Reuters , citing unnamed sources, noting that "the two rival businesses gained the same ability last year to remotely break into iPhones [and] compromise Apple phones without an owner needing to open a malicious link." The zero-click exploit in question is  FORCEDENTRY , a flaw in iMessage that could be leveraged to  circumvent iOS security protections  and install spyware that allowed attackers to scoop up a wealth of information such as contacts, emails, files, messages, and photos, as well as access to the phone's camera and microphone. Google Project Zero, which studies zero-day vulnerabilities in hardware and software systems such as operating systems, web browsers, and open source libraries...

Everybody knows browser extensions are embedded into nearly every user's daily workflow, from spell checkers to GenAI tools. What most IT and security people don't know is that browser extensions' excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025 , This report is the first and only report to merge public extension marketplace statistics with real-world enterprise usage telemetry. By doing so, it sheds light on one of the most underestimated threat surfaces in modern cybersecurity: browser extensions. The report reveals several findings that IT and security leaders will find interesting, as they build their plans for H2 2025. This includes information and analysis on how many extensions have risky permissions, which kinds of permissions are given, if extension developers are to be trusted, and more. Below, we bring key statistics from the report. Highlights from the Enterprise Browse...