News

SecurityWeek4h
Threat Actors Use SVG Smuggling for Browser-Native Redirection
The malicious code is hidden within a CDATA section of the SVG file and relies on a static XOR key to decrypt a payload at runtime. The decrypted code reconstructs a redirect command and builds a ...
Infosecurity Magazine4h
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
Once opened in a browser, the code decrypts a secondary payload using a static XOR key and then redirects the user to an ...
Hackers are abusing 'FileFix' technique to drop RATs during ransomware attacks
FileFix is a new technique to deploy malware, born out of ClickFixIt works by tricking users into pasting commands into File ...
CSO Online5h
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
Malicious VSCode extension in Cursor IDE led to $500K crypto theft
A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one ...
Corporate Compliance Insights4d
Lab 1 Launches File Preview Feature for Data Breach Analysis
Lab 1 has launched a file preview capability designed to allow businesses to safely view exposed files from data breaches ...
Fabbaloo4d
Zoo Design Studio is a Free AI-Powered 3D CAD Tool With Parametric Modeling
There’s a new free AI-powered 3D CAD tool called “Zoo Design Studio”. Zoo Design is a California operation that has produced ...
SourceSecurity.com6d
Lab 1's File Previews: Securely view exposed files
Lab 1, the major AI, Exposed Data Intelligence platform, launched “File Previews”, an industry-first capability for ...