News

Adult sites are stashing exploit code inside racy .svg files

Dozens of porn sites are turning to a familiar source to generate likes on Facebook—malware that causes browsers to ...
Ars Technica19y

Calling javascript functions from embedded svg | Ars OpenForum

Calling javascript functions from embedded svg BlackHex Aug 2, 2006 Jump to latest Follow Reply ...

Hackers are hiding malware in SVG images via fake Facebook posts

As more countries require age verification for adult websites, some smaller sites are resorting to hidden malware schemes to boost their popularity on social media platforms ...
Bleeping Computer2y

Attackers use SVG files to smuggle QBot malware onto ... - BleepingComputer

This attack is made through embedded SVG files containing JavaScript that reassemble a Base64 encoded QBot malware installer that is automatically downloaded through the target's browser.
Bleeping Computer9mon

Phishing emails increasingly use SVG attachments to evade detection

Other campaigns utilize SVG attachments and embedded JavaScript to automatically redirect browsers to sites hosting phishing forms when the image is opened. The problem is that since these files ...
eWeek11y

Adobe Open-Sources Snap.svg JavaScript Library on GitHub

Adobe Systems has released a new, free open-source JavaScript library called Snap.svg on GitHub for Web designers and developers working with Scalable Vector Graphics (SVG).
Infosecurity-magazine.com1mon

Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects

Unlike previous SVG-based threats that relied on hosted payloads or third-party file sharing, this campaign runs entirely within the client’s browser. By avoiding executable drops and leveraging ...