#glassworm

[ follow ]
#malware #open-vsx #cybersecurity #vs-code-extensions #visual-studio-code #supply-chain-attack
#malware
fromInfoWorld
1 day ago
Information security

More fake extensions linked to GlassWorm found in Open VSX code marketplace

73 new fraudulent extensions have been added to the Open VSX marketplace, continuing supply chain attacks that download GlassWorm malware.
fromSecurityWeek
2 days ago
Information security

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Over 70 extensions in the Open VSX marketplace are likely linked to GlassWorm malware, designed to steal sensitive information and deploy malware.
Information security
fromInfoWorld
1 day ago

More fake extensions linked to GlassWorm found in Open VSX code marketplace

73 new fraudulent extensions have been added to the Open VSX marketplace, continuing supply chain attacks that download GlassWorm malware.
Information security
fromSecurityWeek
2 days ago

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Over 70 extensions in the Open VSX marketplace are likely linked to GlassWorm malware, designed to steal sensitive information and deploy malware.
more#malware
#cybersecurity
Information security
fromThe Hacker News
3 days ago

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Dozens of malicious VS Code extensions linked to the GlassWorm campaign have been identified, posing risks to developers through cloned versions of legitimate tools.
Information security
fromThe Hacker News
2 weeks ago

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

A new Zig dropper in the GlassWorm campaign stealthily infects all IDEs on a developer's machine through a malicious VS Code extension.
more#cybersecurity
Information security
fromSecurityWeek
2 months ago

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

GlassWorm was distributed via a compromised Open VSX publisher account to deliver a macOS-focused loader that steals browser data and cryptocurrency artifacts using Solana-based C2.
fromThe Hacker News
2 months ago

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm malware loader, These extensions had previously been presented as legitimate developer utilities (some first published more than two years ago) and collectively accumulated over 22,000 Open VSX downloads prior to the malicious releases.
Information security
fromInfoWorld
5 months ago

How GlassWorm wormed its way back into developers' code - and what it says about open source security

Just a little over two weeks after GlassWorm was declared "fully contained and closed" by the open source OpenVSX project, the self-propagating worm is once again targeting Visual Studio Code extensions, add-ons that enhance open source VS Code, providing new features, debuggers, and other tools to improve developer workflows. Researchers from Koi have discovered a new wave of infections and three more compromised extensions.
Information security
#vs-code-extensions
more#vs-code-extensions
Information security
fromTechzine Global
5 months ago

Invisible malware spread via VS Code extensions

GlassWorm infected Visual Studio Code extensions using invisible Unicode and Solana blockchain command-and-control; OpenVSX was impacted but later contained and remediated.
[ Load more ]