The user sees text that doesn't exist = Chrome's font settings + a malicious OpenType font + an AI agent's legitimate permissions. Here's the full chain and why it's hard to operationalize.
-
Updated
Apr 4, 2026
#
attack-chain
Here are 3 public repositories matching this topic...
Exploit automation PoCs with workflow playbooks (lab-only)
-
Updated
Sep 3, 2025 - Python
GCP External Attack Surface Management (EASM) — Zero-knowledge, 5-phase recon with automated attack chain detection.
golang gcp google-cloud pentest google-cloud-platform red-team devsecops vulnerability-scanner cloud-security easm attack-chain nicholas-kloster
-
Updated
May 1, 2026 - Go
Improve this page
Add a description, image, and links to the attack-chain topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the attack-chain topic, visit your repo's landing page and select "manage topics."