News

CSO Online10d
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
SecurityWeek10d
Threat Actors Use SVG Smuggling for Browser-Native Redirection
The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at ...
HealthcareInfoSecurity10d
North Korea Floods NPM Registry with Malware
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm ...
Delete Any Emails That Include These Images On Your Phone Or PC
Because these attackers leverage spoofed domains and senders to trick you, it isn’t as easy as just avoiding emails from unknown senders. Instead, you should delete any email with an .SVG attachment ...