Bleeping Computer

New 'Blank Image' attack hides phishing scripts in SVG files

An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents. Security researchers at email security provider Avanan ...
TechRadar

Microsoft blocks phishing scam which used AI-generated code to trick users

AI generated code used in phishing campaign, blocked by Microsoft Defender Attackers used SVG file disguised as PDF, with hidden business themed code inside Security Copilot flagged AI style traits, ...
Bleeping Computer

Attackers use SVG files to smuggle QBot malware onto Windows systems

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. This attack is made through ...