Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks

0 4 minutes read

Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs.jpg

Palo Alto, California, September 18, 2025, Cybernewswire

It was first discovered and discovered last year, and the security community, which includes more than 20 attacks, warned the attackers to overcome all the main Sase/SSE solutions and smuggle malware through the browser. Despite the responsible disclosure of all SSE/SSE service providers, no seller made an official statement to warn her customers of the past 13 months – up to two weeks.

Since more attackers benefit from the recent reassurance techniques for the exploitation of institutions, SSE/SSE sellers have begun to realize that the agent’s solutions are no longer sufficient to protect against the browser attacks, with the fact that Palo Alto networks are the first that does not mean that safe web gates are not defending the last front engineer. In the Palo Alto networks, the attack realized that “encrypted and dribbling attacks gather inside the browser and exceed the traditional safe web gates.” The version also realized that “the browser has become the new operating system for the institution, the main interface for male applications and cloud applications. Ensuring it is not optional.”

This represents the moment of water gatherings in cybersecurity, where the current SASE/SSE seller admits the audience of the basic restrictions of safe web gates (SWGS) and admits the decisive importance of the original security solutions to the browser – exactly what Squarex has been defending since the pioneer in this research.

What are the re -assembly attacks?

The latest attack on miles is a category of technologies that use the architectural restrictions of SWGS to smuggle malicious files through the agent layer, only to reassemble them as functional harmful programs in the victim’s browser. In one of the methods, attackers break harmful programs into different parts. Individually, no of these pieces are discovered by SWGS. Once the agent’s examination exceeds, harmful programs are re -assembled in the browser.

In another example, attackers evaded these harmful files via bilateral channels such as Webrtc, GRPC and Websortets. These are the common communication channels used by web applications such as video conferences and broadcasting tools, but they are not fully available by SWGS. In fact, many SWGS publicly admits this on their website and their customers recommend disrupting these channels.

In total, there are more than 20 such techniques that completely exceed Swgs. Although the Palo Alto networks are the first to publicly recognize this restriction, Squarex has proven that all the main sellers of SSE/SSE are in contact with multiple solutions as part of responsible disclosure and discussing alternative protection mechanisms.

Data connection attacks: Exfiltrating data with reinforcement techniques The last tilt

Since the discovery of reassurance attacks at the last mile, the Squarex research team has conducted more research to see how attackers can take advantage of these technologies to steal sensitive data. In BSIDES San Francisco this year, Squarex’s talk showed how to use similar techniques by internal threats and attackers to share secret files and sensitive data for copying in the browser, which exceeds both DLP solutions at the end point and Cloud Sase/SSE DLP. In fact, there was the appearance of P2P file sharing sites that allow users to send any file without a DLP examination.

General of the residue of the browser: the leading browser security research

Since the browser becomes one of the most popular arrival points for the attackers, Al -Muzleb Security Research plays an important role in understanding the attacks on the browser browser and defending them. Inspired by the impact of the reinforcement of the last mile, Squarex launched a research project called, as it revealed a major architectural vulnerability every month since January. Some potential research includes a harmful extension that can silently impersonate password managers and encryption portfolios to steal accreditation/encryption data, and the main implementation of the main Passkey key was revealed in Def Con 33 this year.

“Research has always been an essential part of the DNA in Squarex. We believe that the only way to defend the edge of bleeding is to be one step on the attackers. Last year alone, we discovered more than 10 weaknesses on the zero day in the browser, which we revealed about identifying work detection,”. One of the latest reassurance attacks represents a major shift in the current perspectives on the security of the browser.

As part of their mission to further teach security in the browser, Squarex cooperated with CISO from major companies such as Campbell’s and Arista Networks for writing. The book was launched in Black Hat this year, as a technical guide for cybersecurity to learn about the edge of bleeding and mitigation techniques.

Using Adel evacuating responsibility

This site may contain copyright -protected materials (including but not limited to the networks made by Palo Alto on September 4, 2025), which have not always been used specifically by the copyright owner. These materials are provided to settle the understanding of issues related to the recent reassurance attacks, which must be a “fair use” of any copyright -protected material as stipulated under the laws in force. If you want to use copyrights protected from this site for your own purposes that exceed fair use, you must obtain permission from the author of the copyright in question.

About Squarex

Extension Browser converts any browser on any device into a safe browser at the level of the institution. The first browser and response detection solution (BDR) in Squarex enables institutions proactively against the original threats in the browser including attacks on reinforcement on the last mile, rogue artificial intelligence agents, malignant accessories and identity attacks. Unlike the browsers of customized institutions, Squarex is smoothly integrated with the current consumer browsers for users, providing safety without compromising the user experience. Users can learn more about the innovation led by research in Squarex in.