Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign.
The post ForceMemo: Python Repositories Compromised in GlassWorm Aftermath appeared first on SecurityWeek.
Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack
A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader.
The post Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack appeared first on SecurityWeek.
GlassWorm Malware Returns to Open VSX, Emerges on GitHub
Three more VS Code extensions were infected last week and the malware has emerged in GitHub repositories as well.
The post GlassWorm Malware Returns to Open VSX, Emerges on GitHub appeared first on SecurityWeek.
Open VSX Downplays Impact From GlassWorm Campaign
Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.
The post Open VSX Downplays Impact From GlassWorm Campaign appeared first on SecurityWeek.
Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware
The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns.
The post Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware appeared first on SecurityWeek.
