GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
