Tag: qr

Betrugsmaschen florieren in Anzeigen, Feeds und Videos

Jan 23, 2026 5:30 AM

Tags: cyberattack, cybercrime, fraud, qr

Cyberkriminalität hat sich zum Ende des Jahres 2025 spürbar verändert. Statt technisch komplexer Angriffe setzen Täter zunehmend auf alltägliche digitale Handlungen. Ein Klick auf einen Link, das Scannen eines QR Codes oder die Bestätigung eines Codes reichen oft aus, um Betrug auszulösen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/betrugsmaschen-anzeigen-feeds-videos
QR codes are getting colorful, fancy, and dangerous

Jan 15, 2026 8:11 AM

Tags: email, login, qr

QR codes have become a routine part of daily life, showing up on emails, posters, menus, invoices, and login screens. Security-savvy users have learned to treat links with … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/15/fancy-qr-codes-phishing-risk/
This WhatsApp Link Can Hand Over Your Account in Seconds

Jan 14, 2026 10:12 PM

Tags: phishing, qr

A sophisticated phishing campaign impersonating WhatsApp Web uses fake meeting links and QR codes to hijack accounts and enable real-time surveillance. The post This WhatsApp Link Can Hand Over Your Account in Seconds appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-link-iranian-phishing-campaign/
FBI Flags Quishing Attacks From North Korean APT

Jan 12, 2026 11:01 PM

Tags: apt, attack, email, government, group, north-korea, phishing, qr, threat

A state-sponsored threat group tracked as Kimsuky sent QR-code-filled phishing emails to US and foreign government agencies, NGOs, and academic institutions. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/fbi-quishing-attacks-north-korean-apt
Security Affairs newsletter Round 558 by Pierluigi Paganini INTERNATIONAL EDITION

Jan 11, 2026 1:02 PM

Tags: apt, attack, breach, data, data-breach, email, international, qr, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A massive breach exposed data of 17.5M Instagram users North Korealinked APT Kimsuky behind quishing attacks,…
North Korealinked APT Kimsuky behind quishing attacks, FBI warns

Jan 10, 2026 6:02 PM

Tags: apt, attack, email, government, group, malicious, phishing, qr, spear-phishing

FBI warns that North Korealinked APT group Kimsuky is targeting governments, think tanks, and academic institutions with quishing attacks. North Korealinked APT group Kimsuky is targeting government agencies, academic institutions, and think tanks using spear-phishing emails that contain malicious QR codes (quishing), the FBI warns. >>As of 2025, Kimsuky actors have targeted think tanks, academic…
NDSS 2025 GhostShot: Manipulating The Image Of CCD Cameras With Electromagnetic Interference

Jan 9, 2026 11:02 PM

Tags: attack, cctv, computer, control, data, detection, Internet, network, qr

Session 8B: Electromagnetic Attacks Authors, Creators & Presenters: Yanze Ren (Zhejiang University), Qinhong Jiang (Zhejiang University), Chen Yan (Zhejiang University), Xiaoyu Ji (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER GhostShot: Manipulating The Image Of CCD Cameras With Electromagnetic Interference CCD cameras are critical in professional and scientific applications where high-quality image data are required, and…
QR codes a powerful new phishing weapon in hands of Pyongyang cyberspies

Jan 9, 2026 6:01 PM

Tags: cloud, login, phishing, qr

State-backed attackers are using QR codes to slip past enterprise security and help themselves to cloud logins, the FBI says First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/pyongyangs_cyberspies_are_turning_qr/
FBI Warns of North Korean QR Phishing Campaigns

Jan 9, 2026 12:01 PM

Tags: apt, group, korea, north-korea, phishing, qr, spear-phishing

The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
FBI Warns of North Korean QR Phishing Campaigns

Jan 9, 2026 12:01 PM

Tags: apt, group, korea, north-korea, phishing, qr, spear-phishing

The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-warns-north-korean-qr-phishing/
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

Jan 9, 2026 9:01 AM

Tags: advisory, government, hacker, malicious, north-korea, phishing, qr, spear-phishing, threat

The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country.”As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) First…
FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs

Jan 9, 2026 1:01 AM

Tags: group, hacker, north-korea, phishing, qr

The North Korean state-sponsored hacker group Kimsuki is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-about-kimsuky-hackers-using-qr-codes-to-phish-us-orgs/
Hackers Using Malicious QR Codes for Phishing via HTML Table

Jan 7, 2026 10:02 PM

Tags: cyber, email, hacker, malicious, phishing, qr, threat, tool

Threat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in email HTML, a tactic designed to sidestep security tools that focus on decoding QR images. QR code abuse is not new, but it remains effective because the user experience is…
Quishing: Kaspersky meldet signifikante Zunahme des QR-Code-Phishings

Dec 24, 2025 1:19 AM

Tags: kaspersky, phishing, qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-kaspersky-signifikant-zunahme-qr-code-phishing
Quishing: Kaspersky meldet signifikante Zunahme des QR-Code-Phishings

Dec 24, 2025 1:19 AM

Tags: kaspersky, phishing, qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-kaspersky-signifikant-zunahme-qr-code-phishing
Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Dec 22, 2025 1:19 PM

Tags: access, attack, automation, awareness, breach, china, conference, credentials, cybercrime, data, email, espionage, exploit, finance, government, group, hacker, hacking, linkedin, malicious, microsoft, military, phishing, qr, russia, tactics, threat, tool, unauthorized

Tools of the trade: What’s driving the surge is the availability of tools that make these attacks easy to execute. Proofpoint identified two primary kits: SquarePhish2 and Graphish.SquarePhish2 is an updated version of a tool originally published by Dell Secureworks in 2022. It automates the OAuth Device Grant Authorization flow and integrates QR code functionality.The…
Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Dec 22, 2025 1:19 PM

Tags: access, attack, automation, awareness, breach, china, conference, credentials, cybercrime, data, email, espionage, exploit, finance, government, group, hacker, hacking, linkedin, malicious, microsoft, military, phishing, qr, russia, tactics, threat, tool, unauthorized

Tools of the trade: What’s driving the surge is the availability of tools that make these attacks easy to execute. Proofpoint identified two primary kits: SquarePhish2 and Graphish.SquarePhish2 is an updated version of a tool originally published by Dell Secureworks in 2022. It automates the OAuth Device Grant Authorization flow and integrates QR code functionality.The…
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

Dec 18, 2025 10:19 AM

Tags: android, korea, malware, mobile, north-korea, phishing, qr, threat

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express).”The threat actor leveraged QR codes and notification pop-ups to lure victims into installing…
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps

Dec 17, 2025 9:19 PM

Tags: access, cyber, hacker, korea, malicious, malware, mobile, north-korea, qr, service, threat

Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat Research Team identified the latest iteration of >>DOCSWAP
Phishing boomt (nicht nur) im Weihnachtsgeschäft

Dec 1, 2025 10:49 AM

Tags: mail, phishing, qr

Gefälschte und mit Schadsoftware verseuchte E-Mails, SMS oder QR-Codes: Sicherheitstipps für Online-Shopping vor Weihnachten. In der Vorweihnachtszeit boomt der Onlinehandel, angeheizt durch Rabattwochen rund um »Black Friday« und »Cyber Monday«. Doch wo Verbraucherinnen und Verbraucher nach Schnäppchen suchen, lauern häufig auch Betrüger. Phishing zählt dabei laut dem aktuellen »Bundeslagebild Cybercrime« des Bundeskriminalamts (BKA) zu den……
Sharjah Police Experiment Exposes How Easily People Fall for Fake QR Codes

Nov 26, 2025 1:49 PM

Tags: cybersecurity, qr

A cybersecurity experiment conducted by Sharjah Police has revealed how easily QR codes can mislead individuals, particularly when these codes promise conveniences such as free WiFi. The police placed an unbranded QR code in a public area with a simple message, “Free WiFi”, to measure how many people would scan it without verifying its source.…
Sharjah Police Experiment Exposes How Easily People Fall for Fake QR Codes

Nov 26, 2025 1:49 PM

Tags: cybersecurity, qr

A cybersecurity experiment conducted by Sharjah Police has revealed how easily QR codes can mislead individuals, particularly when these codes promise conveniences such as free WiFi. The police placed an unbranded QR code in a public area with a simple message, “Free WiFi”, to measure how many people would scan it without verifying its source.…
eSchool News: How K-12 IT Teams Lock Down QR-Based SSO Without Hurting Usability

Nov 19, 2025 3:49 PM

Tags: email, login, malicious, phishing, qr, risk

This article was originally published in eSchool News on 11/10/25 by Charlie Sander. Phishing via QR codes, a tactic now known as “quishing,” involves attackers embedding malicious QR codes in emails or posters Schools can keep QR logins safe and seamless by blending clear visual cues, ongoing user education, and risk-based checks behind the scenes…
Öffentliche Verwaltung im Visier von Cyberspionen

Nov 11, 2025 12:20 PM

Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerability

Laut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
Quishing: QRC-Scans können Kiste der Pandora öffnen

Nov 7, 2025 12:19 AM

Tags: qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-qrc-scans-kiste-pandora-oeffnung
Quishing: QRC-Scans können Kiste der Pandora öffnen

Nov 7, 2025 12:19 AM

Tags: qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-qrc-scans-kiste-pandora-oeffnung
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
The Phishing Renaissance, How AI Brought Back the Classics

Nov 1, 2025 8:20 AM

Tags: ai, attack, deep-fake, email, phishing, qr, scam