Supply-chain attack using invisible code hits GitHub and other repositories
Summary
Ars Technica reports researchers from Aikido Security uncovered a supply-chain campaign that inserted 151 malicious packages into GitHub, npm, and Open VSX with invisible Unicode code that hides executable payloads. The visible code appears legitimate, while the hidden characters decode into payloads at runtime, often via eval(), making manual reviews and automated scanners less effective. The attackers, dubbed Glassworm, may be using AI-generated payloads to scale, and similar packages have been found across major repositories. The piece urges developers to scrutinize dependencies, watch for typos in names, and implement stronger supply-chain defenses to mitigate such threats.