Summary: Recent findings from Cisco Talos reveal that malicious actors are exploiting Cascading Style Sheets (CSS) to bypass spam filters and track user actions, raising security and privacy concerns. They leverage CSS properties to conceal content in emails and monitor user behavior, potentially leading to phishing attacks. The analysis highlights the necessity for advanced filtering mechanisms to counteract these evolving threats.
Affected: Email clients and webmail systems
Keypoints :
- CSS techniques are being used by attackers to hide content and track user preferences in emails.
- Properties like text_indent and opacity conceal content that is not displayed to the user but can manipulate email parsers.
- Embedding CSS rules, such as the @media CSS at-rule, allows for user fingerprinting and behavior tracking.
- Recommendations include implementing advanced filtering and using email privacy proxies to mitigate these risks.
Source: https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html