InfoSecBulletin Cybersecurity for mankind
Generally scanning a malicious QR code from an unknown source can be harmful. Cisco Talos research shows that many people underestimate potential threats. Anti-spam filters can’t detect QR codes in images, allowing many spam emails to go unnoticed. While only 1 in 500 emails contains a QR code, around 60% of those are spam.
QR code phishing, or “quishing,” is a growing threat that mimics real websites to steal personal and payment information. For instance, fraudsters have been seen placing QR stickers on parking meters to trick people into entering their payment details into fake parking apps.
CVE-2025-1268
Patch urgently! Canon Fixes Critical Printer Driver Flaw
Within Minute, RamiGPT To Escalate Privilege Gaining Root Access
Australian fintech database exposed in 27000 records
Over 200 Million Info Leaked Online Allegedly Belonging to X
FBI investigating cyberattack at Oracle, Bloomberg News reports
OpenAI Offering $100K Bounties for Critical Vulns
Splunk Alert User RCE and Data Leak Vulns
CIRT alert Situational Awareness for Eid Holidays
Cyberattack on Malaysian airports: PM rejected $10 million ransom
Micropatches released for Windows zero-day leaking NTLM hashes
Talos issued a warning about malicious QR code emails that send fake multi-factor authentication requests to steal user credentials.
QR codes in emails account for only 0.1% to 0.2% of all emails, yet Talos discovered they often bypass anti-spam filters, allowing users to see them in their inboxes more frequently than anticipated.
Malicious URLs can be ‘defanged’ by altering the protocol from ‘http’ to ‘hxxp’ or by placing brackets around a dot in the URL. This prevents browsers from activating the link and helps users avoid accidentally clicking it. This issue is less prevalent with QR codes.
