Glassworm Malware Campaign Targets Developers via npm, PyPI, OpenVSX, and GitHub
A dangerous malware campaign known as Glassworm has been spreading through the tools that software developers trust most every day. By abusing popular platforms like npm, PyPI, OpenVSX, and GitHub…
Read the full articleYou might also wanna read
GlassWorm: First Self-Propagating Worm Targets VS Code Extensions with Invisible Code
A month after Shai Hulud became the first self-propagating worm in the npm ecosystem, we just discovered the world's first worm targeting VS
Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code
The Glassworm supply chain attack is back. Researchers uncovered malware hidden in invisible Unicode characters across 150+ GitHub repositor
aikido.dev·4mo agoGlassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code
The Glassworm supply chain attack is back. Researchers uncovered malware hidden in invisible Unicode characters across 150+ GitHub repositor
aikido.dev·4mo agoCrowdStrike, Google Take Down Glassworm Botnet
Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025

GlassWorm Hides a RAT Inside a Malicious Chrome Extension
GlassWorm deploys a multi-stage RAT that force-installs a malicious Chrome extension to log keystrokes, steal cookies, and exfiltrate data v

GlassWorm goes native: New Zig dropper infects every IDE on your machine
GlassWorm deploys a Zig-based native dropper hidden within a fake extension, silently compromising VS Code, Cursor, VSCodium, and other IDEs
Miasma worm targets Microsoft, compromises 73 GitHub repositories
Miasma worm hits 73 Microsoft GitHub repositories and directly targets StepSecurity’s Harden-Runner to evade security controls.

Comments
Sign in to join the conversation.
No comments yet. Be the first.