Detecting malicious #Unicode (mastodon.thenewoil.org)

submitted 2 months ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

2 comments fedilink hide all child comments

Detecting malicious #Unicode

https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/

#cybersecurity

you are viewing a single comment's thread
view the rest of the comments

[-] tasket@infosec.exchange 1 points 2 months ago

@thenewoil@mastodon.thenewoil.org @bagder@mastodon.social I'm of a mind that this vuln keeps cropping up because its being handled at the wrong level in the stack, and maybe in the wrong way as well.

Consider what it would be like if the OS presentation layer detected this, simply by highlighting any parts of strings that don't belong to the same language as the first (visible) character in the string.

this post was submitted on 19 May 2025

2 points (100.0% liked)

Cybersecurity

2 readers

11 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

shellsharks@fedia.io

tweedge@fedia.io