Glassworm Is Back: A New Wave of Invisible Unicode Attacks Hits Hundreds of Repositories
Summary
The article reports on Glassworm's invisible Unicode attack wave affecting GitHub, npm, and VS Code, exploiting hidden Unicode characters to deliver malicious payloads. It reviews the attack lifecycle, scale, and notable repositories, and discusses detection and defense strategies, including Aikido's real-time protection.