Bleeping Computer

New 'Blank Image' attack hides phishing scripts in SVG files

An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents. Security researchers at email security provider Avanan ...
TechRadar

Microsoft Outlook will no longer show inline SVG images regularly exploited in phishing attacks

Outlook stops showing inline SVG images to limit phishing and malware risks Microsoft continues retiring risky features across Office and Windows platforms for protection Company balances user impact ...