GlassWorm Campaign

The GlassWorm supply chain campaign has resurfaced, infiltrating the Microsoft Visual Studio Marketplace and Open VSX with 24 malicious extensions. These extensions impersonate popular developer tools and frameworks, stealing credentials and cryptocurrency, and turning developer machines into attacker-controlled nodes. This re-emergence highlights the adaptive nature of the adversary and the persistent challenge in securing developer…