Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last Mile Reassembly Attacks
Globenewswire · 2025-09-18 13:00
Core Insights
- SquareX has identified and disclosed Last Mile Reassembly attacks, which allow attackers to bypass major SASE/SSE solutions and smuggle malware through browsers [2][3]
- Palo Alto Networks has publicly acknowledged the limitations of Secure Web Gateways in defending against these attacks, marking a significant shift in the cybersecurity landscape [3][6]
- The emergence of browser-based attacks necessitates a focus on browser-native security solutions, as traditional proxy solutions are insufficient [3][4]

Last Mile Reassembly Attacks
- Last Mile Reassembly attacks exploit architectural limitations of Secure Web Gateways (SWGs) to smuggle malicious files through the proxy layer, reassembling them as functional malware in the victim's browser [4][6]
- Attackers can break malware into chunks that do not trigger detection by SWGs, allowing them to bypass proxy inspection [4]
- Over 20 techniques exist that can completely bypass SWGs, highlighting vulnerabilities across major SASE/SSE vendors [6]

Data Splicing Attacks
- SquareX's research has shown that Last Mile Reassembly techniques can also be used to exfiltrate sensitive data, bypassing endpoint DLP and cloud SASE/SSE DLP solutions [7]
- The rise of peer-to-peer file sharing sites allows users to send files without DLP inspection, increasing the risk of data breaches [8]

Browser Security Research
- SquareX has initiated a research project called "The Year of Browser Bugs," disclosing significant architectural vulnerabilities monthly since January [9]
- The research includes critical findings such as Polymorphic Extensions and Passkeys Pwned, which pose threats to user credentials and security [9][10]
- The company has discovered over 10 zero-day vulnerabilities in browsers, emphasizing the need for proactive security measures [10]

Collaboration and Education
- SquareX has collaborated with CISOs from major enterprises to produce "The Browser Security Field Manual," aimed at educating cybersecurity practitioners on modern threats and mitigation techniques [10]