There was an almost six-fold increase in phishing via SVG files in March 2025 compared to February, and over 4 000 of these emails have been detected globally since the beginning of the year. SVG is a ...

Brandt noted: "The SVG format provides the threat actors with yet another set of methodologies to conceal or obfuscate malicious content inside." The researchers first observed the spread of malicious ...

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

However, threat actors are increasingly using SVG files in their phishing campaigns according to security researcher MalwareHunterTeam, who shared recent samples [1, 2] with BleepingComputer.