Picture Imperfect: The Risk of Malicious JPGs
Barracuda Networks Blog, April 28,2026
Cybercriminals are exploiting JPG image files to deliver malware while bypassing traditional security measures.
Cybercriminals are increasingly leveraging everyday image formats like JPGs to deliver hidden malware, making detection more difficult for users and organizations. Malicious images disguise harmful data within seemingly safe files, bypassing traditional security focused on emails and links.
Recent attacks have involved MSI images containing the XWorm trojan that were delivered via email attachments, with the malware executing through PowerShell and using Telegram for command-and-control. Additionally, AI-based image downscaling vulnerabilities allow attackers to embed hidden instructions in images that are only visible when downscaled, potentially leading to data exfiltration or APT deployment.
Companies can mitigate these risks through employee training, a report-first security culture, restricted AI input dimensions, and explicit confirmation requirements for sensitive tool calls.