The Hacker News - GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and extensionDependencies to turn initially standalone-looking extensions into transitive

from The Hacker News https://thehackernews.com/2026/03/glassworm-supply-chain-attack-abuses-72.html

Comments

Popular posts from this blog

US-CERT - AR18-352A: Quasar Open-Source Remote Administration Tool

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

The Hacker News - Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools