SVG-based attacks have sharply pivoted toward phishing campaigns, with a staggering 1800% increase in early 2025 compared to data collected since April 2024. A notable surge in campaigns was observed in Q1 of 2025, peaking in March. These are driven largely by the emergence of Attack-in-the-middle (AITM) Phishing-as-a-Service (PhaaS) platforms such as Tycoon2FA, which have significantly amplified the effectiveness and prevalence of these deceptive tactics.

Source ->