safety
New font-rendering trick hides malicious commands from AI tools
BleepingComputer · 5 days ago

Researchers have discovered a font-rendering attack that allows malicious actors to hide harmful commands from AI assistants by exploiting how AI tools parse HTML content. The attack uses font manipulation techniques to make malicious instructions invisible to AI systems while appearing as normal text to humans, potentially allowing attackers to bypass AI safety filters and trick AI assistants into executing harmful actions.
ai safety, security vulnerability, prompt injection, attack vector, AI assistants, HTML manipulation, safety bypass