OpenVSX
-
GlassWorm fourth wave targets macOS with trojanized crypto wallets in VS Code extensions
A fourth GlassWorm wave is targeting macOS developers with trojanized VS Code and OpenVSX extensions that steal credentials and attempt to replace hardware wallet apps. More than 33,000 installs were recorded.
-
Glassworm malware returns with 24 malicious VS Code packages on OpenVSX and Microsoft marketplace
The Glassworm malware has returned in a third wave with 24 malicious VS Code extension packages on OpenVSX and the Microsoft Visual Studio Marketplace, using obfuscation and Rust‑based implants to steal credentials, deploy proxies and enable remote access.
