The Glassworm campaign has resurfaced in a third wave, with 24 newly identified malicious packages appearing on Open VSX and the Microsoft Visual Studio Marketplace, repositories used to distribute extensions for VS Code–compatible editors.
First documented in October by Koi Security, the malware has used invisible Unicode characters to obfuscate its code. When installed, earlier variants attempted to steal GitHub, npm and Open VSX account credentials and cryptocurrency wallet data from affected extensions, and deployed a SOCKS proxy and an HVNC client to enable stealthy operator access.
The re‑emergence was reported by Secure Annex researcher John Tuckner, who said the new wave includes packages that impersonate popular tools and developer frameworks. Secure Annex identified 17 packages on the Microsoft marketplace and seven on Open VSX, with package names indicating a broad targeting scope that includes the Flutter, Vim, YAML, Tailwind, Svelte, React Native and Vue ecosystems.
The researcher said attackers push malicious updates after packages are accepted on a marketplace, then artificially inflate download counts to make the extensions appear legitimate and to manipulate search rankings so the malicious items appear close to the projects they impersonate.
Technical changes were also reported: the campaign now sometimes uses Rust‑based implants bundled inside extensions, and the invisible Unicode obfuscation remains in use in some cases. Open VSX had previously rotated compromised access tokens and declared the incident contained, but the malware returned to both sites shortly after.
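
A defender-side check for the invisible Unicode obfuscation described above, as an added example that is not code from Koi Security, Secure Annex or this article: it flags long runs of invisible code points in the source files of an unpacked extension. The set of code points treated as invisible (format characters and variation selectors), the run threshold of 8 and the file suffixes are assumptions, since the article does not list them.

```python
import unicodedata
from pathlib import Path

# Assumption: which code points count as "invisible"; the article names none.
VARIATION_SELECTORS = ((0xFE00, 0xFE0F), (0xE0100, 0xE01EF))
# Assumed threshold: emoji carry one or two invisible characters, hidden data needs long runs.
MIN_RUN = 8

def is_invisible(ch):
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in VARIATION_SELECTORS):
        return True
    # Cf = format characters: zero-width space/joiners, bidi controls, tag characters
    return unicodedata.category(ch) == "Cf"

def find_invisible_runs(text, min_run=MIN_RUN):
    """Return (line, column, length) for each run of >= min_run invisible characters."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        start = None
        # The appended newline is a visible sentinel that closes a run at end of line.
        for col, ch in enumerate(line + "\n", start=1):
            if is_invisible(ch):
                if start is None:
                    start = col
            elif start is not None:
                if col - start >= min_run:
                    findings.append((lineno, start, col - start))
                start = None
    return findings

def scan_tree(root, suffixes=(".js", ".ts", ".json")):
    """Scan an unpacked extension directory; returns {relative_path: findings}."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in suffixes:
            hits = find_invisible_runs(path.read_text(encoding="utf-8", errors="replace"))
            if hits:
                report[str(path.relative_to(root))] = hits
    return report

# Constructed samples (not taken from any real package).
BENIGN = 'const label = "ok \u2764\ufe0f";\n'           # emoji plus one variation selector
SUSPECT = 'const s = "' + "\U000E0101" * 14 + '";\n'    # 14 invisible characters in a string

if __name__ == "__main__":
    for name, src in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, find_invisible_runs(src))
```

A hit is a lead for manual review, not a verdict: localisation files and bidirectional text can legitimately contain format characters, so tune `MIN_RUN` against a baseline of extensions you already trust.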

