SquareX has shared an update. The company highlighted a phishing technique in which attackers use malicious SVG files attached to emails to bypass traditional Secure Web Gateways. These SVG files execute scripts locally, redirecting users to spoofed login pages for platforms such as Salesforce, where credentials can be harvested before any network-based security tools detect the threat. SquareX reports that its Browser Detection and Response technology can identify brand spoofing in real time and block credential submission, even when the attack originates from local files rather than external web links.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
For investors, this update underscores SquareX’s focus on addressing emerging threat vectors that evade conventional network security controls. As enterprises increasingly adopt browser-based and cloud applications, capabilities that operate at the browser level may become more strategically important in cybersecurity stacks. If SquareX’s solution proves effective at mitigating these advanced phishing techniques and gains traction with large enterprise customers, it could support stronger recurring revenue growth and improve the company’s competitive positioning against traditional gateway-based security vendors. The emphasis on local-file-origin attacks also positions SquareX to benefit from rising demand for endpoint- and browser-centric security solutions in the broader enterprise security market.