Vscode

GlassWorm supply chain attack spreads via 72 Open VSX extensions using invisible Unicode obfuscation. Targets crypto wallets, API tokens, and CI/CD pipelines.

Two AI coding assistants on Microsoft's marketplace steal source code and credentials in real-time. Extensions use hidden iframes and analytics SDKs to profile developers.

First macOS-focused wave of GlassWorm malware discovered on Open VSX marketplace, stealing cryptocurrency wallets, Keychain passwords, and developer credentials through trojanized extensions.