extensionPack
-
GlassWorm campaign escalates with transitive Open VSX extensions
A Socket report flagged a GlassWorm escalation in Open VSX with 72 malicious extensions found since January 31, 2026. The campaign uses transitive extension installs and invisible Unicode obfuscation to deliver payloads.
