Unicode that's invisible to the human eye was largely abandoned—until attackers took notice.

Ars Technica is known for its  coverage of technology-related news and analysis, ranging from scientific breakthroughs to the latest gadgets and gaming developments. Readers can learn about emerging technologies, industry trends, and the societal impact of technological advancements through detailed articles and reviews.

Ars Technica

Researchers at Aikido Security discovered 151 malicious packages uploaded to GitHub, NPM, and Open VSX between March 3–9, 2026, as part of a supply-chain attack campaign attributed to a group called Glassworm. The packages use invisible Unicode characters to hide malicious code from editors, terminals, and code review tools, rendering traditional defenses ineffective. The visible portions of the packages are high quality—featuring realistic documentation tweaks, version bumps, and bug fixes—leading researchers to suspect the attackers are using LLMs to generate convincing cover. Security firm Koi independently confirmed tracking the same group and also suspects AI involvement.

Supply-chain attack using invisible code hits GitHub and other repositories

What Happens to the Developers When AI Can Code? | Ars Frontiers