A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace. GlassWorm is not new. Researchers have tracked the campaign since March 2025, when attackers hid malicious payloads inside npm packages using invisible Unicode characters. Since then, the operation has expanded across GitHub repositories, npm […] The post GlassWorm Trojan Hits VS Code, Cursor, Windsurf via OpenVSX Extension appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/glassworm-malware-4/
