HTML smuggling helps attackers bypass network security tools by using the features in HTML5 and JavaScript code to deliver file downloads. HTML smuggling isn’t a new technique, but it’s generating new attention as a threat to watch in reports of recent attack campaigns that use the method to stealthily deliver malware. Attackers might include a link in an email that, when clicked, redirects to an HTML page that uses HTML and JavaScript to compile the payload. The method could appeal to people who spend many hours working remotely using browser-based applications.”]
Source: https://www.darkreading.com/attacks-breaches/reports-point-to-uptick-in-html-smuggling-attacks