{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihigg65stilcybgm3lh2fz2tevlvokoyla6m6kt2khuld6n2howia",
    "uri": "at://did:plc:ajcrkmnlj6rxdk7rltijv227/app.bsky.feed.post/3mgzqmhggetj2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibgshzt6wpkgcpp7bjhpew5xx63foujwzmced4qkows4pymzyjxea"
    },
    "mimeType": "image/png",
    "size": 1012110
  },
  "path": "/tech-industry/cyber-security/malicious-packages-using-invisible-unicode-found-in-151-github-repos-and-vs-code",
  "publishedAt": "2026-03-14T14:11:38.000Z",
  "site": "https://www.tomshardware.com",
  "tags": [
    "Cybersecurity",
    "Tech Industry"
  ],
  "textContent": "The technique exploits Unicode Private Use Area characters, which render as zero-width whitespace in virtually every code editor and terminal.",
  "title": "Invisible malicious code attacks 151 GitHub repos and VS Code — Glassworm attack uses blockchain to steal tokens, credentials, and secrets",
  "updatedAt": "2026-03-14T14:11:39.000Z"
}