Cache me if you can, smuggling payloads via browsers caching systems 🇫🇷

Malware deployment is a critical stage of a red team exercise: performed successfully, it gives red team operators access to a target’s internal network. For a while, the easiest way of delivering malware was to send an email with the malware itself as an attachment. Although this technique still sometimes works, blue teams monitor it more and more closely, and numerous security tools have been created to block such attachments. It therefore became necessary to find other ways of delivering malware. This presentation introduces one, cache smuggling, which leverages browser caching mechanisms to bypass traditional security defenses and deliver malware. Additionally, we will see that such mechanisms can be used to facilitate silent reconnaissance of internal networks as well as information gathering and, finally, how you can protect your company and yourself against it.