HTML smuggling Archives - Security Affairs

Pierluigi Paganini July 03, 2023

SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies

China-linked APT group was spotted using HTML smuggling in attacks aimed at Foreign Affairs ministries and embassies in Europe. A China-linked APT group was observed using HTML smuggling in attacks against Foreign Affairs ministries and embassies in Europe, reports the cybersecurity firm Check Point. The researchers tracked the campaign as SmugX and reported that it […]

Pierluigi Paganini December 15, 2022

Crooks use HTML smuggling to spread QBot malware via SVG files

Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a phishing campaign distributing the QBot malware using a new technique that leverages Scalable Vector Graphics (SVG) images embedded in HTML email attachments. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 […]

Pierluigi Paganini November 12, 2021

HTML Smuggling technique used in phishing and malspam campaigns

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features. The malicious payloads are delivered via encoded […]

HTML smuggling

SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies

Crooks use HTML smuggling to spread QBot malware via SVG files

HTML Smuggling technique used in phishing and malspam campaigns

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

SharePoint under fire: new ToolShell attacks target enterprises

CrushFTP zero-day actively exploited at least since July 18

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

QUICK LINKS

HTML smuggling

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!