Detecting malicious #Unicode (mastodon.thenewoil.org)

submitted 2 months ago by thenewoil@mastodon.thenewoil.org to c/cybersecurity@fedia.io

2 comments fedilink hide all child comments

Detecting malicious #Unicode

https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/

#cybersecurity

top 2 comments

sorted by: hot top controversial new old

[-] pink@norden.social 1 points 2 months ago

@thenewoil@mastodon.thenewoil.org cc @bagder@mastodon.social

[-] tasket@infosec.exchange 1 points 2 months ago

@thenewoil@mastodon.thenewoil.org @bagder@mastodon.social I'm of a mind that this vuln keeps cropping up because its being handled at the wrong level in the stack, and maybe in the wrong way as well.

Consider what it would be like if the OS presentation layer detected this, simply by highlighting any parts of strings that don't belong to the same language as the first (visible) character in the string.

this post was submitted on 19 May 2025

2 points (100.0% liked)

Cybersecurity

2 readers

15 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

shellsharks@fedia.io

tweedge@fedia.io