Open-source software has an invisible vulnerability. Hackers have found it
A cybercrime campaign called GlassWorm is hiding malware in invisible
characters and spreading it through software that millions of developers
rely on The danger in the code came from characters that are invisible
to the human eye. In early March researchers at several security firms
examined what looked like empty space and found hidden Unicode
characters that decoded into a malicious program. Investigators soon
traced hundreds of compromised open-source components spread across
GitHub, npm and
Read in Scientific American: https://apple.news/ACCjFPpifQlCNSMetYCJ2Dg
