Beware of blank lines and white spaces — Supply-chain attack using invisible code hits GitHub and other repositories

Unicode that’s invisible to the human eye was largely abandoned - until attackers took notice.

🧑‍💻 https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/

#hacking #blankline #whitespace #github #supplychain #unicode #hack #git #code #coding #invisible #gitrepo #itsecurity #it #itsec

When I say "IT mostly just runs in circles" I mean it: https://arstechnica.com/security/2026/03/supply-chain-attack-using-invisible-code-hits-github-and-other-repositories/

This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: https://github.com/MichalBryxi/Apache-fork-hack-finder-cleaner/tree/master

#Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

How to Make str.split Lie With One Space

split() splits ALL whitespace. split(' ') splits only spaces. Tabs and newlines behave differently.

#python #split #whitespace #howto #stringbug

https://www.youtube.com/watch?v=9tAZHxd_K-Y

Unguter Trend bei #GUI:
Fenstertitelleisten so stark mit Funktionen auffüllen, dass das Fenster keine Möglichkeit / Raum mehr für die Verschiebefunktion hat. #Platzknappheit

Andererseits werden Webseiten mit viel #Whitespace ausgestattet, damit sie „luftig“ aussehen. Also #Platzverschwendung.

Was soll sowas?
#UX #UI #fail

https://blog.gslin.org/archives/2025/12/18/12797/%e4%b8%ad%e8%8b%b1%e6%96%87%e4%b9%8b%e9%96%93%e7%9a%84%e7%a9%ba%e7%99%bd%e8%88%87-css-%e7%9a%84-text-autospace/

中英文之間的空白與 CSS 的 text-autospace

#auto #autospace #browser #chinese #cjk #css #english #support #text #whitespace

🐲 Manual: Spaces
by #TypeToday

#Whitespace is the most invisible and, arguably, the most important of typographic elements.

#typography #Spaces

https://type.today/en/journal/spaces