CyberWire Daily

A QRazy clever scam. [Research Saturday]

N2K Networks, Inc.

News, Daily News, Tech News, Technology

4.8 (1.1K Ratings)

🗓️ 25 April 2026

⏱️ 18 minutes

Summary

This week, we are joined by Juliana Testa, Senior Security Engineer from 7AI, sharing their work on "Quish Splash - When the QR Code Is the Weapon: A Multi-Wave Phishing Campaign That Slipped Past Every Filter." A large-scale “quishing” campaign used QR codes embedded in image attachments to hide phishing URLs, allowing 28 out of 33 emails to bypass SPF, DKIM, DMARC, and Microsoft Defender and land directly in inboxes. Each recipient received a unique QR code and tracking ID, defeating traditional detection methods and enabling attackers to scale the campaign to over 1.6 million emails across multiple organizations while shifting execution to less-secure mobile devices. The attack was ultimately uncovered through AI-driven alerting combined with human analysis and threat hunting, highlighting a major blind spot in email security and the need for QR code inspection, mobile protections, and tighter auto-reply controls. The research and executive brief can be found here: Quish Splash - When the QR Code Is the Weapon: A Multi-Wave Phishing Campaign That Slipped Past Every Filter.

Transcript

0:00.0

You're listening to the CyberWire Network, powered by N2K.

0:09.7

Quick question. Have you watched Project Hail Mary yet?

0:15.9

Humanity is facing an existential threat and racing to solve it with the clock ticking.

0:21.7

For security teams, that probably hits close to home with AI use rapidly spreading.

0:27.6

Everyone's using AI: marketing, sales, engineering,

0:31.2

Chris the intern, without security even knowing about it.

0:34.4

That's where Nudge Security comes in.

0:37.0

Nudge finds shadow AI apps,

0:39.4

integrations, and agents on day

0:41.2

one and helps you enforce policy

0:43.4

without blocking productivity.

0:45.7

Try it free at

0:46.8

nudgesecurity.com

0:48.6

slash CyberWire.

0:50.0

Thank you. Hello, everyone, and welcome to the CyberWire's Research Saturday.

1:04.0

I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities,

1:11.9

solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.

1:17.7

Thanks for joining us.

1:24.1

But there is something kind of weird about it.

1:26.1

It was a really large email file.

1:29.2

The attachment was exclusively a PDF,

1:32.0

but it appeared to also have image content that the AI within our product was pointing out.

...

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
