LayerX font-rendering PoC exposes a browser-rendering gap in AI assistant analysis
Technical Analysis
Summary
A LayerX proof-of-concept showed that a font-rendering attack can hide malicious webpage commands from AI assistants, creating a risk of unsafe guidance when the browser render and the DOM do not match. The technique used custom fonts, glyph substitution, and CSS concealment to make dangerous instructions visible to the user but not to the model. As of December 2025, the method reportedly worked against multiple popular assistants, including ChatGPT, Claude, Copilot, Gemini, and others.
Related Happenings
DRILLAPP JavaScript backdoor through Microsoft Edge
Malware Activity
First: 16.03.2026 11:07
Last: 16.03.2026 11:07
Sources 1
About this happening:
Observed in **February 2026**, the **DRILLAPP** backdoor now runs through **Microsoft Edge**, giving it **file access** plus access to the **microphone**, **webcam**, and **screen...
Jasper Sleet and Coral Sleet AI-enabled IT worker scam campaign
Campaign
First: 06.03.2026 19:49
Last: 06.03.2026 19:49
Sources 1
About this happening:
The **Jasper Sleet** and **Coral Sleet** campaign is using **AI** to scale fake **IT worker scams**, making social engineering against **organizations** more convincing and persis...
Enterprise browser users AI adoption and browser-risk trends
Target Trend
First: 05.03.2026 17:01
Last: 05.03.2026 17:01
Sources 1
About this happening:
Enterprise browser sessions are seeing **mainstream AI tool use**, widening the security blind spot around **employee work sessions** and increasing the risk of **sensitive data e...
Google Gemini AI in Chrome privilege escalation flaw (CVE-2026-0628)
Vulnerability
First: 02.03.2026 12:27
Last: 02.03.2026 12:27
Sources 1
About this happening:
**Google** has fixed **CVE-2026-0628** in **Gemini AI in Chrome**, a high-severity flaw that let a malicious extension hijack the privileged Gemini side panel and expose user priv...
Latest development: 02.03.2026 19:08
Palo Alto Networks Unit 42 researcher Gal Weizman discovered and reported CVE-2026-0628 in Google Chrome on November 23, 2025, identifying insufficient policy enforcement in the WebView tag that could let a malicious extension inject scripts or HTML into a privileged page and seize control of the Gemini Live panel.
OpenClaw security patch release for CVE-2026-26322
Security Patch Release
First: 19.02.2026 12:00
Last: 19.02.2026 12:00
Sources 1
About this happening:
**OpenClaw** released a **patch for six vulnerabilities** in its **agentic AI assistant**, addressing **SSRF**, **missing authentication**, and **path traversal** flaws that could...
Timeline
17.03.2026 15:59 2 articles · 2mo ago
LayerX discloses font-rendering attack against browser-based AI assistants
Initial Disclosure
LayerX disclosed a browser-rendering attack against browser-based AI assistants, showing that custom fonts, glyph substitution, and CSS could make malicious on-page commands look harmless in the DOM while the browser rendered the dangerous instruction to users. LayerX said the technique worked as of December 2025 against ChatGPT, Claude, Copilot, Gemini, Leo, Grok, Perplexity, Sigma, Dia, Fellou, and Genspark. On December 16, 2025 it sent the findings to vendors, after which Microsoft opened an MSRC case and later fully addressed the issue, while Google initially assigned high priority before downgrading and closing it as overly reliant on social engineering.
Sources
- New font-rendering trick hides malicious commands from AI tools — www.bleepingcomputer.com — 17.03.2026 15:59