Font-rendering trick hides malicious commands from AIs
🔍 LayerX researchers demonstrated a font-rendering technique that can hide malicious commands from AI assistants by encoding the payload in HTML while visually rendering a different, benign string to users. The proof-of-concept combines custom fonts with glyph substitution and CSS concealment (tiny fonts, color/opacity tricks) so the DOM appears harmless while the browser displays an executable instruction. In tests across many popular assistants, automated analyzers that read the DOM missed the hidden commands; LayerX urges assistants to compare rendered output with DOM text and to treat fonts, color/opacity matches, and unusually small fonts as potential attack surfaces.
