Malicious Actors Exploit CSS for Evasive Phishing and User Tracking

Malicious actors are exploiting Cascading Style Sheets (CSS) to bypass anti-spam filters and detection engines, as well as to track user actions and preferences. Cisco Talos has observed this technique, raising concerns about security and privacy, including the risk of fingerprinting. CSS, a style sheet language used to describe the presentation of a document written in HTML or XML, is being misused for malicious purposes.