Industry News  LLM-Crafted SVG Files: The Ultimate Email Security Hack
Industry News

LLM-Crafted SVG Files: The Ultimate Email Security Hack

SecuredyouadmSecuredyouadmSeptember 29, 20250
PinterestLinkedInTumblrRedditVKWhatsApp
More stories



Microsoft recently highlighted a new phishing campaign targeting U.S.-based organizations, utilizing code generated using large language models (LLMs) to evade security defenses. The campaign, detected on August 28, 2025, showcases threat actors incorporating artificial intelligence (AI) tools to craft convincing phishing lures and automate malware obfuscation. In this attack, compromised business email accounts were used to send phishing messages disguised as file-sharing notifications, with the actual targets hidden in the BCC field to bypass detection heuristics.

The attackers employed Scalable Vector Graphics (SVG) files to deliver interactive phishing payloads, embedding JavaScript and dynamic content within the files to appear benign to users and security tools. The SVG file format’s support for invisible elements and delayed script execution allows adversaries to sidestep static analysis and sandboxing. The phishing messages used self-addressed email tactics and business-related language to deceive recipients into opening the SVG files, redirecting them to fake login pages to harvest credentials.

Microsoft’s analysis revealed that the SVG files in this campaign were obfuscated using business-related terms, indicating possible generation using an LLM. The payload’s core functionality was obscured with a sequence of business terms, redirecting users to phishing landing pages, triggering browser fingerprinting, and initiating session tracking. The complexity and verbosity of the code suggested it was not human-written, leading to the conclusion that similar techniques are being adopted by various threat actors.

In a separate attack sequence detailed by Forcepoint, phishing emails with .XLAM attachments were used to execute shellcode deploying XWorm RAT through secondary payloads. The multi-stage attack involved loading heavily obfuscated .DLL files in memory, maintaining persistence, and exfiltrating data to command-and-control servers related to the XWorm family. Recent phishing attacks have also utilized lures related to the U.S. Social Security Administration and copyright infringement to distribute information stealers like Lone None Stealer and PureLogs Stealer, demonstrating evolving complexity and novel delivery methods.



Source link

PinterestLinkedInTumblrRedditVKWhatsApp

Securedyouadm

Cybersecurity – Identity and Access Management (SailPoint) – Sr Associate
The impact of climate change on our planet is becoming increasingly evident, with rising global temperatures, more frequent extreme weather events, and melting polar ice caps. These changes are not only affecting the environment, but also posing significant risks to human health and well-being. The World Health Organization has warned that climate change is the greatest threat to global health in the 21st century, as it is exacerbating existing health problems and creating new ones.

One of the most immediate health risks associated with climate change is the spread of infectious diseases. Rising temperatures and changing precipitation patterns are creating favorable conditions for the proliferation of disease-carrying vectors such as mosquitoes and ticks. This has led to an increase in cases of diseases like malaria, dengue fever, and Lyme disease in many parts of the world. In addition, extreme weather events such as hurricanes and floods can disrupt health care systems and lead to outbreaks of waterborne diseases.

Air pollution is another major health concern linked to climate change. The burning of fossil fuels for energy production releases pollutants into the air that can cause respiratory problems, cardiovascular disease, and other health issues. Higher temperatures and increased air pollution can also worsen allergies and asthma, particularly in vulnerable populations such as children and the elderly. In urban areas, heatwaves exacerbated by climate change can lead to heat-related illnesses and even death.

The impacts of climate change on mental health should not be overlooked. Natural disasters and extreme weather events can cause trauma, anxiety, and depression among those affected. Displacement due to climate-related events can also lead to social isolation and loss of community support systems, further exacerbating mental health issues. As the frequency and intensity of these events continue to rise, mental health services will need to be prepared to address the growing needs of affected populations.

In order to mitigate the health risks of climate change, urgent action is needed at both the individual and societal levels. This includes reducing greenhouse gas emissions, transitioning to renewable energy sources, and implementing policies to adapt to the changing climate. Public health officials must also prioritize climate change as a health issue and work to build resilience in communities through improved infrastructure, emergency preparedness, and access to healthcare services. By taking proactive measures to address the health impacts of climate change, we can protect the well-being of current and future generations.
Related posts
Load more
Leave a Reply

Your email address will not be published. Required fields are marked *

Read also
Load more