CyberheistNews Vol 16 #14 [Heads Up] Clever Hackers Use Custom Fonts to Bypass AI Defenses

**Executive summary:** Researchers warn that adversaries can use custom fonts and CSS to render different text to human users than what's present in the DOM, allowing phishing pages to evade AI web assistants; separately, attackers abused a maintainer account to insert a malicious dependency into the widely used Axios ecosystem that profiled systems and deployed a remote-access trojan before wiping artifacts, and researchers also observed surges in phishing campaigns and elaborate social-engineering scams exploiting geopolitical events and fabricated law-enforcement setups.