Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

supply-chain-attacks

Glassworm malware returns with 24 malicious VS Code packages on OpenVSX and Microsoft marketplace

Cybercrime, News, Research, Vendors, Vulnerabilities

December 2, 2025

The Glassworm malware has returned in a third wave with 24 malicious VS Code extension packages on OpenVSX and the Microsoft Visual Studio Marketplace, using obfuscation and Rust‑based implants to steal credentials, deploy proxies and enable remote access.

About
Editorial Policy
Privacy
Contact