73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign

📅 26 April 2026 at 04:29 UTC📰 Cyber Security NewsView original source ↗

The GlassWorm supply chain attack targeting the Open VSX marketplace has escalated with the discovery of 73 new “sleeper” extensions. Identified in April 2026, this cluster marks a dangerous shift in how threat actors distribute malware to software developers. This activity follows a major wave discovered in March 2026, where researchers documented 72 malicious Open […] The post 73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

Threat actors linked to GlassWorm have escalated their supply chain attack on the Open VSX marketplace, distributing 73 new 'sleeper' extensions that activate malware campaigns targeting software developers. This marks a significant shift in how threat actors distribute malware.

⚙️Technical Details

Affected Systems

Open VSX marketplace

Attack Vectors

Supply chain attack via sleeper extensions

💥Impact Assessment

Severity: Critical

🛡️Recommended Actions

1Monitor Open VSX marketplace for suspicious activity

2Implement strict software updates and patching policies

3Conduct regular security audits of third-party dependencies

📦Affected Products

Open VSX marketplace

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed