fromArs Technica
1 day agoSupply-chain attack using invisible code hits GitHub and other repositories
Hackers use invisible Unicode characters to hide malicious code that appears as whitespace to humans but executes normally in JavaScript and AI systems.