Increasing Use of CSS-Based Hidden Text Salting in Email Attacks
Summary
Attackers are increasingly using Cascading Style Sheets (CSS) to insert hidden text and characters into emails in order to evade filters and bypass enterprise security defenses. This tactic, known as 'hidden text salting,' adds noise to email content that the recipient cannot see but that confuses email filtering tools. Its use has increased steadily, with threat actors manipulating CSS properties to hide irrelevant content in various parts of an email. Security researchers have observed the tactic being used to evade detection mechanisms, and it may also affect LLM-based defense solutions.
Timeline
- 08.10.2025 00:18 (1 article)
  Increased Use of CSS-Based Hidden Text Salting in Email Attacks
- Attackers Season Spam With a Touch of 'Salt' — www.darkreading.com — 08.10.2025 00:18
Information Snippets
- Attackers use CSS to insert hidden text and characters in emails to bypass security filters.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
- Hidden text salting involves adding noise to email content that is visually undetectable to users.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
- CSS properties such as opacity, text properties, and display properties are manipulated to hide content.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
- Hidden text can be added to important keywords and phrases to evade detection.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
- Cisco Talos has observed a steady increase in the use of this tactic over the past several months.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
- Mitigation strategies include HTML sanitization and deploying filters to ignore visually hidden content.
  First reported: 08.10.2025 00:18 (1 source, 1 article)
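One way to implement the "ignore visually hidden content" mitigation is to split an HTML body into rendered and hidden text before it reaches a keyword filter or classifier. This is an added example, not code from the cited article or from Cisco Talos; the names `hides`, `VisibleText` and `split_text` are hypothetical, and it assumes inline `style` attributes, the `hidden` attribute and balanced tags only (stylesheet rules and classes are not resolved).

```python
import re
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}  # elements with no end tag

def hides(style):
    """True if an inline style makes the element invisible (not exhaustive)."""
    decl = {k.strip(): v.replace("!important", "").strip()
            for k, _, v in (d.partition(":") for d in style.lower().split(";"))}
    if decl.get("display") == "none" or decl.get("visibility") == "hidden":
        return True
    for prop in ("opacity", "font-size"):  # zero opacity or zero-size text
        m = re.fullmatch(r"(\d*\.?\d+)\s*[a-z%]*", decl.get(prop, ""))
        if m and float(m.group(1)) == 0:
            return True
    return False

class VisibleText(HTMLParser):  # assumes balanced tags
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []    # per open element: is it, or an ancestor, hidden?
        self.skip = False  # inside <style>/<script>, which is never body text
        self.visible, self.hidden = [], []
    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        a = dict(attrs)
        self.skip = tag in ("style", "script")
        self.stack.append(bool(self.stack and self.stack[-1]) or "hidden" in a or hides(a.get("style") or ""))
    def handle_endtag(self, tag):
        self.skip = False
        if tag not in VOID and self.stack:
            self.stack.pop()
    def handle_data(self, data):
        if not self.skip:
            (self.hidden if self.stack and self.stack[-1] else self.visible).append(data)

def split_text(html):
    p = VisibleText()
    p.feed(html)
    p.close()
    return " ".join("".join(p.visible).split()), [h.strip() for h in p.hidden if h.strip()]

# Constructed sample: a salted keyword, a visible low-opacity span, a hidden noise block.
SAMPLE = ('<p>Your pass<span style="font-size:0px">qzk</span>word expires today. '
          '<span style="opacity: 0.5">Act now.</span></p>'
          '<div style="DISPLAY: none !important">weather report <b>garden</b> recipe</div>')
```

`split_text(SAMPLE)` returns the text a recipient would actually read alongside the hidden fragments, so the classifier can score the former and a non-empty hidden list can itself be used as a signal.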