News

Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at ...
Once opened in a browser, the code decrypts a secondary payload using a static XOR key and then redirects the user to an attacker-controlled site via the window.location.href function. These URLs ...
SVG is an image file format that's used to store scalable vector graphics (SVG) using XML syntax. Unknown to most is that developers can also embed JavaScript code in SVG files.
Google has confirmed a bug within the Google AdWords Image Ads feature, with advertisers who try to upload SVG images as embedded images.Cassie from Google confirmed the bug last night saying: We hear ...