![Detecting Malicious Unicode in GitHub Pull Requests](https://tech.michaelaltfield.net/wp-content/uploads/sites/5/xbidi-unicode-github-defense_featuredImage2-150x79.jpg.pagespeed.ic.ucGGQXms8s.jpg)
This article will describe how you can utilize GitHub Actions to scan user-contributed PRs for unicode and automatically warn you if such commits contain (potentially invisible & malicious) unicode characters.
Why
Last month Trojan Source was published --- which described how malicious unicode characters could make source code appear benign, yet compile to something quite malicious.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
About Michael
. . . → Read More: Detecting (Malicious) Unicode in GitHub PRs