All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Glassworm Malware Campaign Targets Developers via npm, PyPI, OpenVSX, and GitHub

A dangerous malware campaign known as Glassworm has been spreading through the tools that software developers trust most every day. By abusing popular platforms like npm, PyPI, OpenVSX, and GitHub…

Read the full article
@infosec.skyfleet.blue1mo ago6 min readenNews

You might also wanna read

GlassWorm: First Self-Propagating Worm Targets VS Code Extensions with Invisible Code

A month after Shai Hulud became the first self-propagating worm in the npm ecosystem, we just discovered the world's first worm targeting VS

koi.ai·9mo ago

Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code

The Glassworm supply chain attack is back. Researchers uncovered malware hidden in invisible Unicode characters across 150+ GitHub repositor

aikido.dev·4mo ago

Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code

The Glassworm supply chain attack is back. Researchers uncovered malware hidden in invisible Unicode characters across 150+ GitHub repositor

aikido.dev·4mo ago

CrowdStrike, Google Take Down Glassworm Botnet

Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025

Infosecurity Magazine - Information Security & IT Security News and Resources·1mo ago

GlassWorm Hides a RAT Inside a Malicious Chrome Extension

GlassWorm deploys a multi-stage RAT that force-installs a malicious Chrome extension to log keystrokes, steal cookies, and exfiltrate data v

aikido.dev·4mo ago

GlassWorm goes native: New Zig dropper infects every IDE on your machine

GlassWorm deploys a Zig-based native dropper hidden within a fake extension, silently compromising VS Code, Cursor, VSCodium, and other IDEs

aikido.dev·3mo ago

Miasma worm targets Microsoft, compromises 73 GitHub repositories

Miasma worm hits 73 Microsoft GitHub repositories and directly targets StepSecurity’s Harden-Runner to evade security controls.

ThreatLocker·22d ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.