Threat researchers with various vendors for the past year have been tracking the efforts of a bad actor dubbed GlassWorm known for dropping malicious extensions in code registries like npm, Open VSX, PyPI, and Microsoft’s Visual Studio Marketplace with the aim of stealing secrets and cryptocurrency. This month, threat researchers wrote about a resurgence in..
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/03/an-evolving-glassworm-malware-is-making-the-rounds-of-code-repositories/
