Chrome, Firefox, Opera vulnerable to punycode related phishing attack: arstechnica article

How to fix (from article):

People who use Chrome should install version 58 as soon as possible. Firefox users can protect themselves by entering "about:config" in the address bar and agreeing to the displayed warning. From there, enter "punycode" in the search box to bring up a line that reads network.IDN_show_punycode. Next, double-click the word "false" to change it to "true." From then on, Firefox will display the "dumb ascii" characters and not the deceptive, encoded ones. Besides Apple's Safari, Microsoft's Edge and Internet Explorer browsers are also not affected, at least as long as they don't have support for a Cyrillic language.

discussion about it on /r/webdev: https://www.reddit.com/r/webdev/comments/66mksc/chrome_firefox_and_opera_users_beware_this_isnt/