MalwareBleeping Computer
8.5 — CRITICAL
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A new wave of Glassworm malware attacks has targeted the OpenVSX ecosystem via 73 'sleeper' extensions, with six delivering malware and the rest suspected to be dormant or suspicious. The attack campaign is part of an ongoing supply chain attack.
⚙️Technical Details
Affected Systems
OpenVSXVisual Studio Code Marketplace
Attack Vectors
extension updatesruntime fetching secondary VSIX package from GitHubloading platform-specific compiled modules (.node files)
💥Impact Assessment
Severity: high
Who Is at Risk
Developers who installed the affected extensions and users of Visual Studio Code Marketplace
🛡️Recommended Actions
1Rotate all secrets and clean environment immediately
2Monitor for suspicious extension updates and runtime activity
3Verify software dependencies and update to latest versions
📦Affected Products
OpenVSX extensionsVisual Studio Code Marketplace extensions
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.