Bleeping Computer

Invisible characters could be hiding backdoors in your JavaScript code

Could malicious backdoors be hiding in your code, that otherwise appears perfectly clean to the human eye and text editors alike? A security researcher has shed light on how invisible characters can ...

The invisible threat hidden in clear view: how Unicode characters are being weaponized to hide malicious commands from human users

Research from BeyondTrust Phantom Labs found the vulnerability stems from improper input sanitization in how Codex processed ...
Threat Post

‘Trojan Source’ Hides Invisible Bugs in Source Code

The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware. Researchers have found a new way to encode ...
Dark Reading

Attackers Use Unicode & HTML to Bypass Email Security Tools

Cybercriminals have been spotted using HTML/CSS and Unicode tricks to bypass tools meant to block malicious emails, marking a new twist in phishing techniques, security researchers report. Attackers ...