By Dakshitaa Babu, Security Researcher, SquareXIn a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows or macOS anymore — it was the browser.”The evidence is everywhere — cloud revenue surging ... Read More

By Tejeswara S Reddy, Security Researcher, SquareXBrand impersonation attacks occur when threat actors create convincing replicas of legitimate websites, communications, or digital assets to deceive users into believing they are interacting with a trusted entity. As traditional security measures struggle to keep pace, browser detection and response (BDR) capabilities are ... Read More

When security teams first spotted ClickFix in early 2024, few predicted it would last long in the threat landscape. Yet here we are in 2025, watching this simple attack continue its devastating march through organizations worldwide.Today, attackers don’t even need to create intricate algorithms to try to penetrate your enterprise ... Read More

SquareX’s Research Team Discovers a Vulnerability that Puts Millions of Users At RiskThe recent wave of OAuth attacks on Chrome extension developers have spotlighted browser extensions as a critical threat to enterprise security. However, most of these attacks have primarily been around data exfiltration or unauthorized access to specific web applications ... Read More

SquareX’s VDI Replacement Solution — Contractor & Developer Access through Secure Private EnvironmentsModern Virtual Desktop Infrastructure (VDI) solutions and Desktop as a Service (DaaS) have come a long way from their legacy predecessors. They’ve addressed several pain points around scalability, performance, and ease of management, providing a much better experience than traditional ... Read More

Convert the Browsers on BYOD / Unmanaged Devices into Secure Browsing SessionsAs modern enterprises continue to adapt to the flexible work culture, Bring Your Own Device (BYOD) policies have become a standard practice. However, protecting sensitive corporate data while maintaining user privacy and a seamless work experience has proven to be ... Read More

The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX presented comprehensive research on the vulnerabilities of Secure Web Gateways (SWGs), which expose enterprises to myriad of client-side ... Read More

A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web Gateways‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX showcased more than 30 vulnerabilities in Secure Web Gateways (SWGs), exposing how these widely ... Read More

‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX presented groundbreaking research curating vulnerabilities in Secure Web Gateways (SWGs) that leave organizations vulnerable to threats that these tools fail to detect. These traditional defenses, once considered the ... Read More

Vivek Ramachandran, Founder & CEO of SquareX, at DEF CON Main Stage.At DEF CON 32 this year, SquareX presented compelling research that revealed the shortcomings of Secure Web Gateways (SWG) in protecting the browser and demonstrated 30+ foolproof methods to bypass them. Anybody can test these bypasses against their SWG at ... Read More