Threat Post

‘Trojan Source’ Hides Invisible Bugs in Source Code

The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware. Researchers have found a new way to encode ...
Dark Reading

3 Ways to Deal With the Trojan Source Attack

The Trojan Source attack method, identified by University of Cambridge researchers, tricks compilers into reading hidden Unicode characters and generating binaries with extra instructions and ...
Infosecurity-magazine.com

Most Computer Code Compilers Vulnerable to Novel Attacks

Most computer code compilers are at risk of ‘Trojan source’ attacks in which adversaries can introduce targeted vulnerabilities into any software without being detected, according to researchers from ...
Bleeping Computer

'Trojan Source' attack method can hide bugs into open-source code

Academic researchers have released details about a new attack method they call “Trojan Source” that allows injecting vulnerabilities into the source code of a software project in a way that human ...
TechRadar

This Unicode bug threatens the security of all source code

Academic cybersecurity researchers have flagged a strange vulnerability that affects most computer code compilers, and many software development environments. Discovered by researchers at the ...