Tag: qr

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

Jan 9, 2026 9:01 AM

Tags: advisory, government, hacker, malicious, north-korea, phishing, qr, spear-phishing, threat

The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country.”As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) First…
FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs

Jan 9, 2026 1:01 AM

Tags: group, hacker, north-korea, phishing, qr

The North Korean state-sponsored hacker group Kimsuki is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-about-kimsuky-hackers-using-qr-codes-to-phish-us-orgs/
Hackers Using Malicious QR Codes for Phishing via HTML Table

Jan 7, 2026 10:02 PM

Tags: cyber, email, hacker, malicious, phishing, qr, threat, tool

Threat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in email HTML, a tactic designed to sidestep security tools that focus on decoding QR images. QR code abuse is not new, but it remains effective because the user experience is…
Quishing: Kaspersky meldet signifikante Zunahme des QR-Code-Phishings

Dec 24, 2025 1:19 AM

Tags: kaspersky, phishing, qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-kaspersky-signifikant-zunahme-qr-code-phishing
Quishing: Kaspersky meldet signifikante Zunahme des QR-Code-Phishings

Dec 24, 2025 1:19 AM

Tags: kaspersky, phishing, qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-kaspersky-signifikant-zunahme-qr-code-phishing
Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Dec 22, 2025 1:19 PM

Tags: access, attack, automation, awareness, breach, china, conference, credentials, cybercrime, data, email, espionage, exploit, finance, government, group, hacker, hacking, linkedin, malicious, microsoft, military, phishing, qr, russia, tactics, threat, tool, unauthorized

Tools of the trade: What’s driving the surge is the availability of tools that make these attacks easy to execute. Proofpoint identified two primary kits: SquarePhish2 and Graphish.SquarePhish2 is an updated version of a tool originally published by Dell Secureworks in 2022. It automates the OAuth Device Grant Authorization flow and integrates QR code functionality.The…
Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Dec 22, 2025 1:19 PM

Tags: access, attack, automation, awareness, breach, china, conference, credentials, cybercrime, data, email, espionage, exploit, finance, government, group, hacker, hacking, linkedin, malicious, microsoft, military, phishing, qr, russia, tactics, threat, tool, unauthorized

Tools of the trade: What’s driving the surge is the availability of tools that make these attacks easy to execute. Proofpoint identified two primary kits: SquarePhish2 and Graphish.SquarePhish2 is an updated version of a tool originally published by Dell Secureworks in 2022. It automates the OAuth Device Grant Authorization flow and integrates QR code functionality.The…
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

Dec 18, 2025 10:19 AM

Tags: android, korea, malware, mobile, north-korea, phishing, qr, threat

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express).”The threat actor leveraged QR codes and notification pop-ups to lure victims into installing…
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps

Dec 17, 2025 9:19 PM

Tags: access, cyber, hacker, korea, malicious, malware, mobile, north-korea, qr, service, threat

Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat Research Team identified the latest iteration of >>DOCSWAP
Phishing boomt (nicht nur) im Weihnachtsgeschäft

Dec 1, 2025 10:49 AM

Tags: mail, phishing, qr

Gefälschte und mit Schadsoftware verseuchte E-Mails, SMS oder QR-Codes: Sicherheitstipps für Online-Shopping vor Weihnachten. In der Vorweihnachtszeit boomt der Onlinehandel, angeheizt durch Rabattwochen rund um »Black Friday« und »Cyber Monday«. Doch wo Verbraucherinnen und Verbraucher nach Schnäppchen suchen, lauern häufig auch Betrüger. Phishing zählt dabei laut dem aktuellen »Bundeslagebild Cybercrime« des Bundeskriminalamts (BKA) zu den……
Sharjah Police Experiment Exposes How Easily People Fall for Fake QR Codes

Nov 26, 2025 1:49 PM

Tags: cybersecurity, qr

A cybersecurity experiment conducted by Sharjah Police has revealed how easily QR codes can mislead individuals, particularly when these codes promise conveniences such as free WiFi. The police placed an unbranded QR code in a public area with a simple message, “Free WiFi”, to measure how many people would scan it without verifying its source.…
Sharjah Police Experiment Exposes How Easily People Fall for Fake QR Codes

Nov 26, 2025 1:49 PM

Tags: cybersecurity, qr

A cybersecurity experiment conducted by Sharjah Police has revealed how easily QR codes can mislead individuals, particularly when these codes promise conveniences such as free WiFi. The police placed an unbranded QR code in a public area with a simple message, “Free WiFi”, to measure how many people would scan it without verifying its source.…
eSchool News: How K-12 IT Teams Lock Down QR-Based SSO Without Hurting Usability

Nov 19, 2025 3:49 PM

Tags: email, login, malicious, phishing, qr, risk

This article was originally published in eSchool News on 11/10/25 by Charlie Sander. Phishing via QR codes, a tactic now known as “quishing,” involves attackers embedding malicious QR codes in emails or posters Schools can keep QR logins safe and seamless by blending clear visual cues, ongoing user education, and risk-based checks behind the scenes…
Öffentliche Verwaltung im Visier von Cyberspionen

Nov 11, 2025 12:20 PM

Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerability

Laut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
Quishing: QRC-Scans können Kiste der Pandora öffnen

Nov 7, 2025 12:19 AM

Tags: qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-qrc-scans-kiste-pandora-oeffnung
Quishing: QRC-Scans können Kiste der Pandora öffnen

Nov 7, 2025 12:19 AM

Tags: qr

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/quishing-qrc-scans-kiste-pandora-oeffnung
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
The Phishing Renaissance, How AI Brought Back the Classics

Nov 1, 2025 8:20 AM

Tags: ai, attack, deep-fake, email, phishing, qr, scam
The Phishing Renaissance, How AI Brought Back the Classics

Nov 1, 2025 8:20 AM

Tags: ai, attack, deep-fake, email, phishing, qr, scam
Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters

Oct 22, 2025 4:26 PM

Tags: api, attack, cyber, cybercrime, email, password, phishing, qr, tactics, threat

Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are noted tried-and-true approaches”, like password-protected attachments and calendar invites”, with new twists such as QR codes, multi-stage verification chains, and live API integrations. These refinements not only…
New QR Code-Based Quishing Attack Targets Microsoft Users

Oct 9, 2025 3:23 PM

Tags: antivirus, attack, cyber, exploit, microsoft, qr

A sophisticated quishing campaign leveraging weaponized QR codes has been uncovered, specifically targeting Microsoft users with seemingly innocuous document review requests. By exploiting advanced evasion techniques”, splitting the QR code into two separate images, using non-standard color palettes, and drawing the code directly via PDF content streams”, attackers are able to bypass traditional antivirus and…
Phishing Is Moving From Email to Mobile. Is Your Security?

Oct 2, 2025 4:41 PM

Tags: email, mobile, phishing, qr

With SMS, voice, and QR-code phishing incidents on the rise, it’s time to take a closer look at securing the mobile user. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/phishing-moving-email-mobile-is-your-security
Phishing Is Moving From Email to Mobile. Is Your Security?

Oct 2, 2025 4:41 PM

Tags: email, mobile, phishing, qr

With SMS, voice, and QR-code phishing incidents on the rise, it’s time to take a closer look at securing the mobile user. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/phishing-moving-email-mobile-is-your-security
That innocent PDF is now a Trojan Horse for Gmail attacks

Oct 2, 2025 5:41 AM

Tags: access, attack, awareness, cio, ciso, corporate, credentials, cybersecurity, defense, detection, email, endpoint, hacker, infrastructure, network, phishing, qr, ransomware, risk, social-engineering, spear-phishing, theft, threat, tool, training, zero-trust

Personal email use increases enterprise risk: Employees are increasingly accessing personal email accounts from corporate machines; it is commonplace in hybrid and remote work environments. But considering that hackers have access to easily-usable tools like MatrixPDF, experts advise enterprises to be more vigilant.CISOs and CIOs should consider opportunities to either restrict access to personal webmail…
New npm Malware Steals Browser Passwords via Steganographic QR Code

Sep 23, 2025 2:16 PM

Tags: credentials, cyber, email, malware, password, qr, threat

A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the npm alias janedu (registration email janedu0216@gmail[.]com), the package masquerades as a harmless JavaScript/TypeScript utility library while quietly…
NPM package caught using QR Code to fetch cookie-stealing malware

Sep 23, 2025 1:15 PM

Tags: credentials, data, malware, qr

Newly discovered npm package ‘fezbox’ employs QR codes to hide a second-stage payload to steal cookies from a user’s web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/npm-package-caught-using-qr-code-to-fetch-cookie-stealing-malware/
Microsoft DCU’s Takedown of RaccoonO365

Sep 23, 2025 5:16 AM

Tags: access, advisory, business, communications, computer, corporate, credentials, crime, crypto, cyber, data, detection, email, fraud, google, hacker, hacking, healthcare, infrastructure, intelligence, jobs, law, linkedin, login, malware, microsoft, password, phishing, privacy, qr, service, spam

When I saw the name of the Microsoft Digital Crime Unit’s latest target, “RaccoonO365” I probably reacted to it differently than most. With the help of a friend in Lagos, we’ve been watching the money launderers and things have reached a point that they now refer to what we previously called “Business Email Compromise” or…
Product showcase: Clean Links exposes what’s hiding behind a QR code

Sep 16, 2025 7:15 AM

Tags: qr, scam

Clean Links is a handy app that shows you exactly where a link will take you before you click it. It strips out trackers, expands shortened URLs, and helps you avoid scams … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/16/product-showcase-clean-links-app-qr-code-scanner/