Sophos X-Ops
Increase in phishing attacks with SVG files detected
Since January 2025, the Sophos X-Ops security team has seen a significant increase in malware and phishing attacks distributed via SVG graphic files.
Cyber criminals use the SVG format to circumvent protection mechanisms and infiltrate malicious code into computer systems unnoticed. SVG files, which are widely used as scalable vector graphics, contain XML code in addition to image information. This feature enables attackers to embed malicious code directly into the files, which is executed in the background when opened. This allows traditional detection mechanisms to be bypassed. The security experts at Sophos X-Ops have been monitoring this attack strategy more closely since 2024.
"We know that cyber criminals use the SVG file format for their attacks, and we have adapted our protection solutions accordingly. What is particularly problematic is that the user receives no visible indication of a threat, as the attacks take place in the background. That's why detection methods, especially AI-based technologies, need to be increasingly trained to identify unusual activity," explains Michael Veit, cybersecurity expert at Sophos.
Increasingly sophisticated attacks
According to Sophos X-Ops, attack methods are constantly evolving. In addition to technically improved attack techniques, targeted localized phishing pages have also been discovered that are designed in the victims' respective national language. This increases the credibility of the attacks and makes them more difficult to detect.
You might also be interested in
New Vice President of Global Partner Ecosystem appointed
Effective immediately, John Ryan is the new Vice President of Global Partner Ecosystem at Claroty, a specialist in the security of cyber-physical systems (CPS).
read more...Increasing cyberattacks on the manufacturing sector
A report from Check Point Exposure Management on the threat landscape in the manufacturing industry shows a dramatic increase in ransomware, supply chain attacks and OT-related cyber incidents. As smart factories and connected supply chains become...
read more...Cybersecurity is a top priority for car manufacturers
The latest "Automotive Manufacturing Outlook Survey" from ABB Robotics shows that cyber security has become the most important focus for automotive manufacturers around the world. This indicates a clear change in the perception of digital risks.
read more...Cloud security often inadequate
According to Red Hat's "State of Cloud-native Security" Report 2026, 97% of the companies surveyed with hybrid cloud environments reported security incidents within a year. This is based on data from around 600 IT specialists.
read more...CRA guide for Powerlink checked
TÜV Rheinland has audited the "CRA Guide for Powerlink" from B&R. The guide is one of the first independently audited technical documentations for the implementation of the EU Cyber Resilience Act in automation.
read more...Dragos expands collaboration with Microsoft
Dragos, a global provider of cyber security for OT environments, is expanding its collaboration with Microsoft. The aim is to support companies in modernizing and securing their cyber-physical operating processes.
read more...All for One acquires stake in BrightFlare
All for One acquires a minority stake of 25.1% in the Austrian company BrightFlare. BrightFlare is a cybersecurity services provider for the protection of industrial plants and critical infrastructures.
read more...Check Point Cyber Security Report 2026
More attacks on German companies
The new "Cyber Security Report 2026" from Check Point shows a significant increase in cyberattacks on German organizations by 2025. The education sector is particularly affected and is well above the national average.
read more...Claroty appoints new Chief Revenue Officer
James Love is the new Chief Revenue Officer (CRO) of Claroty, a specialist in the security of cyber-physical systems (CPS).
read more...