Saturday, August 23, 2025
QR Codes Are Being Weaponized! Beware of New ‘Quishing’ Attacks
QR Code scams have leveled up! Cybercriminals are now using Quishing (QR code phishing) to trick you into giving up your credentials. Barracuda Threat Researchers have discovered a new wave of phishing attacks called Quishing, where cybercriminals use QR codes to steal credentials.
Why is this so dangerous?
✅ QR codes look harmless and can’t be read by humans
✅ They bypass traditional email filters
✅ Users scan them on mobile devices, outside company security controls
Now attackers are deploying Split QR Codes (one code split into two images) and Nested QR Codes (a malicious QR hidden inside a legitimate one) to evade detection.
What can you do?
✔ Security awareness training
✔ Enable Multi-Factor Authentication
✔ Deploy AI-powered email protection that can identify these advanced QR-based threats, decode links, sandbox malicious URLs, and detect anomalies in real time.
https://blog.barracuda.com/2025/08/20/threat-spotlight-split-nested-qr-codes-quishing-attacks
Quishing is evolving—your defenses need to evolve too. Plixer can help.
Monday, August 18, 2025
Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak
Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data online—including HR files and even personal items.
The city refused to pay ransom and instead shut down its networks, disrupting public services like library Wi-Fi, online bill payments, and some city phone lines. Emergency services like 911 remained operational.
Mayor Melvin Carter described the attackers as a sophisticated, money-driven criminal organization. A federal advisory about Interlock was issued just three days before the breach.
St. Paul is now working with the FBI, the National Guard, and CISA to restore systems and secure its infrastructure. Over 2,000 of the city’s 3,500 employees have reset passwords as part of ‘Operation Secure Saint Paul.’ The city is also offering 12 months of credit monitoring to employees and warning residents to watch for fraudulent invoices.
What lessons can your organization learn from this? Data backups, observability, and strong ransomware defenses are essential for hybrid environments.
https://hackread.com/interlock-ransomware-leaks-st-paul-city-cyberattack-data/
https://www.infosecurity-magazine.com/news/st-paul-mayor-interlock-data-leak/
https://www.cbsnews.com/minnesota/news/melvin-carter-st-paul-cyberattack-update-august-11/
Like and subscribe for more cybersecurity updates and insights!
Saturday, August 9, 2025
Is 2025 The Worst Year in Cybercrime History?
Flashpoint’s Alarming Midyear Threat Report thinks so. Cybercrime in 2025 isn’t just bad—it could be the worst year ever. According to Flashpoint’s 2025 Midyear Global Threat Intelligence Index, the numbers are staggering:
• Credential theft via info-stealing malware like Lumma, RedLine, and Raccoon is up 800%.
• Ransomware attacks jumped 179%, with demands averaging $676,000.
• Data breaches surged 235%, impacting over 166 million people.
• Vulnerability disclosures rose 246%, with 7,000+ exploitable flaws ready for attackers.
Cybercrime is now blending with geopolitical conflict, creating a volatile and unpredictable threat landscape. This convergence demands proactive intelligence and holistic defense strategies—and platforms like Plixer One can help security teams stay ahead.
Stay informed, stay protected—this could be just the visible tip of the iceberg.
https://flashpoint.io/blog/flashpoint-2025-global-threat-intelligence-index-midyear/?CRO3=%233007_variant
#CyberSecurity #Cybercrime #Ransomware #DataBreach #Infostealers #Flashpoint #Plixer #ThreatIntelligence
Saturday, August 2, 2025
Online Scams Are Out of Control — 75% of Americans Hit! (Even NASCAR)
Three out of four Americans have been scammed online. According to a new Pew Research study, online fraud is everywhere:
💳 Fake credit charges
🔓 Hacked social, email & bank accounts
📱 Scam texts and phishing emails
Even younger adults (18–29) are more likely to fall for scams than seniors. And most people don’t report it—because nearly 70% think the government is doing a bad job fighting cybercrime.
https://www.pewresearch.org/internet/2025/07/31/online-scams-and-attacks-in-america-today/
It’s not just individuals, either. NASCAR was recently breached by the Medusa ransomware gang, and hackers demanded $4 million.
https://www.securityweek.com/nascar-confirms-personal-information-stolen-in-ransomware-attack/
Plus, IBM reports the average cost of a U.S. data breach is now $10.22 million.
https://www.securityweek.com/cost-of-data-breach-in-us-rises-to-10-22-million-says-latest-ibm-report/
These scams are not rare, and they’re not harmless. Don’t click suspicious links. Freeze your credit. And if you run a business, get visibility into data exfiltration events with Plixer One — a modern observability and defense platform.
I'm Peter for Plixer. Like, Follow, and Stay Safe Online.
Saturday, July 26, 2025
Critical Threats: Microsoft Zero-Day & VMware Hypervisor Attacks – Are You Exposed?
Microsoft just issued an urgent warning about a critical zero-day in SharePoint Server (CVE-2025-53770) with a severity score of 9.8—and yes, it’s already under attack. Dubbed “ToolShell”, this vulnerability lets attackers drop web shells and steal encryption keys. Microsoft urges everyone to deploy mitigations NOW, enable Defender AV, and assume compromise. A patch isn’t out yet, but the threat is real—and possibly nation-state backed.
At the same time, VMware environments are being targeted by Chinese-linked group Fire Ant and the notorious Scattered Spider gang. These attackers are:
* Infiltrating vCenter and ESXi using known CVEs
* Bypassing segmentation
* Injecting commands from host to guest
* Cloning VMs and deploying ransomware at the hypervisor layer
They’re even using social engineering to hijack Active Directory accounts and pivot into vSphere—fast. And it’s not just nation-states. Ransomware crews are in on the action.
Oh—and if you're in Australia, you might’ve heard about a driver's license database breach being used to track identities and locations. Phishing scams, identity theft, and hyper-targeted fraud are on the rise. Stay vigilant. Freeze your credit. Hang up on suspicious callers.
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
https://www.securityweek.com/sharepoint-under-attack-microsoft-warns-of-zero-day-exploited-in-the-wild-no-patch-available/
https://cybersecuritynews.com/vgauth-flaws-of-vmware-tools/
🔐 For deep observability and a modern defense platform that helps spot, stop, and investigate these threats fast—Plixer’s got your back.
🛡️ Stay safe. Stay alert. Subscribe for more cyber updates.
Saturday, July 19, 2025
2025 Data Breach Surge: ITRC Reports 1,732 Compromises Already!
The Identity Theft Resource Center (ITRC) just dropped its H1 2025 Data Breach Report, and the numbers are already outpacing 2024 — 1,732 publicly reported compromises in just six months. If this trend continues, 2025 could be a record-breaking year for data breaches.
Some Key Takeaways:
* A 5% increase in breaches over 2024’s pace
* Fewer mega breaches, but a huge jump in victim notices without root cause disclosures — now at 69%
* Financial services and healthcare still the top targets
* A surge in supply chain attacks and even physical breaches — yes, dumpster diving might be back
* The danger of recycled data like reused logins and passwords
https://www.idtheftcenter.org/publication/itrc-h1-2025-data-breach-report/
https://www.databreachtoday.com/topsy-turvy-data-breach-reality-incidents-up-victims-down-a-28995
Don’t forget: Plixer Field Guide Chapter 7 dives deep into Threat Mitigation — a perfect complement to this evolving cyber landscape.
https://www.plixer.com/plixer-field-guide/
Stay secure, stay aware. Like, comment, and subscribe for more threat intelligence updates!
Sunday, July 13, 2025
The McHire Breach: Old Mistakes in New Tech
Researchers discovered a serious vulnerability in McHire, McDonald’s AI-powered job application platform. The cause? An exposed API using the most basic credentials imaginable, possibly affecting 64 million job applicants.
This is a case of cutting-edge AI combined with old-school security mistakes — and it may have exposed names, emails, phone numbers, and other personal info of tens of millions. Two researchers discovered that they could access the API with a Ramones-style song count-in and the username and password "123456."
The full story is covered in a Wired article (and others):
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://www.securityweek.com/mcdonalds-chatbot-recruitment-platform-leaked-64-million-job-applications/
https://www.csoonline.com/article/4020919/mcdonalds-ai-hiring-tools-password-123456-exposes-data-of-64m-applicants.html
Platforms like Plixer One can help detect compromised APIs, data exfiltration, and break-ins before they spiral. Don’t let weak credentials be your weakest link.
👍 Like, 💬 comment, and 🔔 subscribe for more stories that blend cybersecurity, tech, and real-world impact.