Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

Open VSX

Researchers flag 73 fake VS Code extensions tied to GlassWorm campaign

Cybercrime, Research, Risk

April 27, 2026

Researchers flagged 73 fake Visual Studio Code extensions on Open VSX tied to the GlassWorm campaign. Six were confirmed malicious, while the rest were sleeper packages designed to build trust before delivering malware.
GlassWorm campaign escalates with transitive Open VSX extensions

News, Research, Vulnerabilities

March 15, 2026

A Socket report flagged a GlassWorm escalation in Open VSX with 72 malicious extensions found since January 31, 2026. The campaign uses transitive extension installs and invisible Unicode obfuscation to deliver payloads.
Malicious Open VSX extension delivers SleepyDuck RAT and uses Ethereum contract for fallback control

Cybercrime, News, Research, Risk, Vulnerabilities

November 4, 2025

Researchers warned that a malicious Open VSX extension, juan-bianco.solidity-vlang, installs a SleepyDuck remote access trojan that uses an Ethereum smart contract and a fallback RPC mechanism to update its command-and-control details.

About
Editorial Policy
Privacy
Contact