GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.

This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.

What protections do you think dev ecosystems should prioritize next?

Follow us for consistent, unbiased cybersecurity coverage.

#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu

GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.

This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.

What protections do you think dev ecosystems should prioritize next?

Follow us for consistent, unbiased cybersecurity coverage.

#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu