Bleeping Computer

New 'Blank Image' attack hides phishing scripts in SVG files

An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents. Security researchers at email security provider Avanan ...
TechSpot

Hackers are hiding malware in SVG images via fake Facebook posts

A hot potato: As more websites implement age verification checks, many users are migrating to smaller, less regulated sites – unintentionally increasing their risk of encountering malware.
Bleeping Computer

Phishing emails increasingly use SVG attachments to evade detection

Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection. Most images on the web are JPG or PNG files, which are ...