With the recent upgrades to the CSS language, CSS code has become a powerful tool that could be abused to track users on websites, extract and steal data from a web page, collect data entered inside form fields, and even deanonymize Dark Web users in some scenarios. Three interesting research projects have tackled CSS as an attack vector, showing how this once benign language could be turned against users. The first project released on this topic was “Crooked Style Sheets”” from Jan B..hmer
Source: security