Microsoft highlights a sophisticated phishing campaign targeting U.S.-based organizations using AI-generated obfuscated SVG payloads to evade detection. The attack leverages business terminology to mask malicious intent and employs advanced code obfuscation techniques, illustrating the increasing use of AI tools by threat actors. #XWorm #SVGPhishing
Keypoints
- Threat actors used AI-generated code to hide malicious activity within SVG files.
- The phishing campaign targeted organizations by masquerading as business communication and file-sharing alerts.
- SVGβs scriptability and features like invisible elements help attackers bypass static analysis.
- Obfuscated code used business-related language to disguise its core malicious functions.
- Similar techniques are being employed in broader campaigns, including malware delivery using advanced obfuscation and social engineering.
Read More: https://thehackernews.com/2025/09/microsoft-flags-ai-driven-phishing-llm.html