Defending Against Last-Mile Reassembly Attacks
Zscaler, Friday, October 10th, 2025
Reassembly attacks are a form of client-side attacks, including HTML smuggling, that have rapidly evolved into a favored technique among cybercriminals: they bypass conventional security controls and deliver malicious payloads onto endpoints.
By exploiting the flexibility of HTML and JavaScript, adversaries can embed harmful files directly into web pages, effectively bypassing content filters and traditional security defenses. Moreover, threat actors never stop innovating and have begun leveraging advanced technologies like WebAssembly (WASM) to make these smuggling campaigns even harder to detect by traditional security measures like legacy firewalls and web gateways.