GlassWorm Returns, Slices Back into VS Code Extensions www.darkreading.com/cyberatta…
GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.
Researchers at Koi Security reported their discovery of GlassWorm last month, highlighting the worm’s sophistication as well as its compromise of approximately 35,800 developer machines. The malware is similar to Shai-hulud, an NPM package worm discovered earlier this year that established itself as a particularly worrisome supply chain threat. The malware, first reported in September, spread to hundreds of open source software packages, stealing credentials without much attacker input to speak of.
