{"id":335,"date":"2026-01-17T08:00:00","date_gmt":"2026-01-17T16:00:00","guid":{"rendered":"https:\/\/hexagoncenter.org\/spotlight\/?p=335"},"modified":"2026-01-16T20:55:54","modified_gmt":"2026-01-17T04:55:54","slug":"this-week-in-hx-weekly-january-11-2026-to-january-17-206","status":"publish","type":"post","link":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/","title":{"rendered":"This week in HX Weekly (January 11, 2026 to January 17, 206"},"content":{"rendered":"\n

This week’s cybersecurity landscape was dominated by the FBI’s urgent warning regarding “quishing”\u2014a sophisticated QR code phishing campaign by North Korean group Kimsuky that bypasses traditional email filters and multi-factor authentication.<\/strong><\/p>\n\n\n\n

The group is specifically targeting policy experts, NGOs, and academics by embedding malicious QR codes in emails. Because these codes are images, they bypass most corporate email filters, and once scanned, they redirect users to mobile-optimized phishing pages that can steal session tokens, allowing hackers to bypass Multi-Factor Authentication (MFA) entirely.<\/strong><\/p>\n\n\n\n

\n

What to watch for:<\/strong><\/p>\n\n\n\n

\u2022 Spoofed Senders: Emails appearing to be from HR, IT, or external partners (embassies, journalists) asking you to scan a code to access a “secure document” or “questionnaire.”<\/strong><\/p>\n\n\n\n

\u2022 The Mobile Pivot: Attacks often try to move you from your laptop to your personal phone, where we have fewer security protections.<\/strong><\/p>\n\n\n\n

\u2022 Fake Logins: Be wary of any QR code that leads to a Microsoft 365, Okta, or Google login page.<\/strong><\/p>\n<\/blockquote>\n\n\n\n

Our Policy: Never scan a QR code in an email to log into a work account. If you receive a QR code you weren’t expecting, please report it via the [Report Phishing] button or contact IT directly.<\/strong><\/p>\n\n\n\n

This alert coincided with the release of the 2026 Allianz Risk Barometer, which ranked cyber incidents as the top global business threat for the fifth consecutive year, with AI-driven risks rising sharply to the second spot.<\/strong><\/p>\n\n\n\n

On the regulatory and defense front, the Department of Homeland Security launched a new $115 million drone and counter-drone office to secure major upcoming events like the 2026 FIFA World Cup, while CISA added a critical, unpatched vulnerability in the Gogs Git service to its “Known Exploited” list following widespread active attacks.<\/strong><\/p>\n\n\n\n

Rounding out the week, the European Space Agency (ESA) confirmed a massive data exposure involving over 700GB of scientific and contractor data, highlighting the persistent vulnerability of high-value research institutions to state-sponsored and criminal intrusion.<\/strong>
<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

This week’s cybersecurity landscape was dominated by the FBI’s urgent warning regarding “quishing”\u2014a sophisticated QR code phishing campaign by North Korean group Kimsuky that bypasses traditional email filters and multi-factor authentication. The group is specifically targeting policy experts, NGOs, and academics by embedding malicious QR codes in emails. Because these codes are images, they bypass […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-335","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\nThis week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"This week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files\" \/>\n<meta property=\"og:description\" content=\"This week’s cybersecurity landscape was dominated by the FBI’s urgent warning regarding “quishing”\u2014a sophisticated QR code phishing campaign by North Korean group Kimsuky that bypasses traditional email filters and multi-factor authentication. The group is specifically targeting policy experts, NGOs, and academics by embedding malicious QR codes in emails. Because these codes are images, they bypass […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/\" \/>\n<meta property=\"og:site_name\" content=\"HX Spotlight Files\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-17T16:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Editorial\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Editorial\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/\"},\"author\":{\"name\":\"Editorial\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#\\\/schema\\\/person\\\/2f8219c99512366965821b725b05cbb8\"},\"headline\":\"This week in HX Weekly (January 11, 2026 to January 17, 206\",\"datePublished\":\"2026-01-17T16:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/\"},\"wordCount\":322,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#organization\"},\"articleSection\":[\"Default\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/\",\"url\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/\",\"name\":\"This week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#website\"},\"datePublished\":\"2026-01-17T16:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"This week in HX Weekly (January 11, 2026 to January 17, 206\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#website\",\"url\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/\",\"name\":\"HX Spotlight Files\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#organization\",\"name\":\"HX Spotlight Files\",\"url\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/logo.webp\",\"contentUrl\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/logo.webp\",\"width\":338,\"height\":72,\"caption\":\"HX Spotlight Files\"},\"image\":{\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/#\\\/schema\\\/person\\\/2f8219c99512366965821b725b05cbb8\",\"name\":\"Editorial\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g\",\"caption\":\"Editorial\"},\"url\":\"https:\\\/\\\/hexagoncenter.org\\\/spotlight\\\/author\\\/ldsdaniel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"This week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/","og_locale":"en_US","og_type":"article","og_title":"This week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files","og_description":"This week’s cybersecurity landscape was dominated by the FBI’s urgent warning regarding “quishing”\u2014a sophisticated QR code phishing campaign by North Korean group Kimsuky that bypasses traditional email filters and multi-factor authentication. The group is specifically targeting policy experts, NGOs, and academics by embedding malicious QR codes in emails. Because these codes are images, they bypass […]","og_url":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/","og_site_name":"HX Spotlight Files","article_published_time":"2026-01-17T16:00:00+00:00","author":"Editorial","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Editorial","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/#article","isPartOf":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/"},"author":{"name":"Editorial","@id":"https:\/\/hexagoncenter.org\/spotlight\/#\/schema\/person\/2f8219c99512366965821b725b05cbb8"},"headline":"This week in HX Weekly (January 11, 2026 to January 17, 206","datePublished":"2026-01-17T16:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/"},"wordCount":322,"commentCount":0,"publisher":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/#organization"},"articleSection":["Default"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/","url":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/","name":"This week in HX Weekly (January 11, 2026 to January 17, 206 - HX Spotlight Files","isPartOf":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/#website"},"datePublished":"2026-01-17T16:00:00+00:00","breadcrumb":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hexagoncenter.org\/spotlight\/this-week-in-hx-weekly-january-11-2026-to-january-17-206\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hexagoncenter.org\/spotlight\/"},{"@type":"ListItem","position":2,"name":"This week in HX Weekly (January 11, 2026 to January 17, 206"}]},{"@type":"WebSite","@id":"https:\/\/hexagoncenter.org\/spotlight\/#website","url":"https:\/\/hexagoncenter.org\/spotlight\/","name":"HX Spotlight Files","description":"","publisher":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hexagoncenter.org\/spotlight\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hexagoncenter.org\/spotlight\/#organization","name":"HX Spotlight Files","url":"https:\/\/hexagoncenter.org\/spotlight\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hexagoncenter.org\/spotlight\/#\/schema\/logo\/image\/","url":"https:\/\/hexagoncenter.org\/spotlight\/wp-content\/uploads\/2023\/04\/logo.webp","contentUrl":"https:\/\/hexagoncenter.org\/spotlight\/wp-content\/uploads\/2023\/04\/logo.webp","width":338,"height":72,"caption":"HX Spotlight Files"},"image":{"@id":"https:\/\/hexagoncenter.org\/spotlight\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/hexagoncenter.org\/spotlight\/#\/schema\/person\/2f8219c99512366965821b725b05cbb8","name":"Editorial","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9314bba5e6586f27b7eb074fdb0b5601ac3c14d10a8e559210e60bb9d69b4f4f?s=96&d=mm&r=g","caption":"Editorial"},"url":"https:\/\/hexagoncenter.org\/spotlight\/author\/ldsdaniel\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/posts\/335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/comments?post=335"}],"version-history":[{"count":1,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/posts\/335\/revisions"}],"predecessor-version":[{"id":336,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/posts\/335\/revisions\/336"}],"wp:attachment":[{"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/media?parent=335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/categories?post=335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hexagoncenter.org\/spotlight\/wp-json\/wp\/v2\/tags?post=335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}