Upgrading Scams With QR Codes

This edition outlines a diverse range of modern digital threats, emphasizing the rise of QR code phishing and AI-driven fraud. It highlights critical geopolitical tensions, specifically noting increased cyber espionage from Iranian hackers targeting vital infrastructure. Look out for significant institutional shifts, such as proposed budget cuts for CISA and a growing skills gap within the cybersecurity workforce. Stay safe, cultivate proactive defense strategies against deep fakes and impersonation scams.

Daniel Masterson, Ai Courtrie Buson & Bard Gee
April 10, 2026

HX Weekly
^{by Hexagon Center}

for the week of April 5, 2026, 116th edition

Your quick weekend update and reminder.

☝️ TWA

Traffic violation scams switch to QR codes in new phishing texts

Photo by Albert Hu on Unsplash

While new phishing texts are in full swing, it is important to remember that traditional ones are still being used. I just received one this week.

🤷‍♀️ What now?: Watch out for unsolicited QR codes. It might be fun to scan a QR code but the consequences may be devastating. Additionally, never respond to unsolicited texts you’re not familiar with.

Tools: Cultivate good cyber hygiene by not frivolously scanning QR codes and respond to unsolicited texts and calls.

Meanwhile … Harvard Warns of Active Cyberattack Impersonating IT Staff and Targeting Affiliates

LOOK OUT ◉_◉ US warns of Iranian hackers targeting critical infrastructure

MUST READ: White House Seeks to Slash CISA Funding by $707 Million

Echos: Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations

📰 Headline Highlights

In other news, Minnesota governor sends national guard to county after cyberattack

GOOD READ: US cybercrime losses pass $20B for first time as AI boosts online fraud

about this edition and Inside Hexagon

It always starts out slow and then things just happen and the news bucket fills up and overflows. While our job is to curate the news and compile them for the newsletter, out main purpose is to keep our readers vigilant. Share with us your experience, what helps you and what you would like to see in future editions.

SANS 2026 report flags cybersecurity skills crisis, putting critical infrastructure and OT sectors at measurable breach risk

Inside Hexagon

Have you heard about T3? Go to our YouTube channel to learn about another weekly cybersecurity program that we’ve just created. Tell us what themes you’d like to see for future editions.

HOUSEKEEPING

Glossary/Legend:

Zero Trust - a strategic cybersecurity framework based on the principle of "never trust, always verify," requiring strict identity authentication and authorization for every user and device, whether inside or outside the network perimeter. It assumes breach, removes implicit trust, and employs granular, least-privilege access controls to protect resources.
Holistic security - a comprehensive strategy that integrates various protection layers—physical, digital, psycho-social, and organizational—to safeguard individuals, communities, or systems, recognizing that true security involves overall well-being, not just isolated technical defenses.

Personal Identifier - A unique word or phrase shared exclusively with an individual or a group, serving as a means of identification and affirmation within the established relationship. It is recommended that 2 or more Personal Identifiers be established per person.
Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.
Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

Privacy Notice: HX Weekly and the Hexagon Center are committed to your digital security. We do not collect, track, or store any personal information from our subscribers beyond the email address provided for delivery.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

Even though we aim to provide you the most current and critical information to keep you safe, threat actors work 24/7 and this newsletter publishes only once a week. Even though we are available via a hotline, it is crucial that you stay up to date via other sources as well to be informed on how you may be at risk.

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,}
_{and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is}_not_{responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}

Reply

or to participate.