Glassworm botnet targeting software developers taken down by CrowdStrike, Google, and Shadowserver
Summary
A coordinated takedown operation by CrowdStrike, Google, and the Shadowserver Foundation dismantled the Glassworm botnet on 26 May 2024. The botnet had been weaponizing trusted developer tools to poison hundreds of GitHub repositories with malicious code over an 18-month period. The operation simultaneously struck all command-and-control channels, cutting operators off from their bots and halting new malicious payload delivery. The threat highlights how adversaries are increasingly targeting developers who build software, rather than just end-user products.
Key quotes
Glassworm, a botnet that weaponised trusted developer tools to poison hundreds of GitHub repositories with malicious code, was knocked out in a coordinated operation by CrowdStrike, Google, and the Shadowserver Foundation.
The takedown occurred on 26 May and struck all command-and-control channels simultaneously, cutting operators off from their bots and halting new malicious payload delivery.
The operation emphasized that the threat extends beyond botnets, because adversaries target developers who build software rather than only products.
