GlassWorm Malware Resurfaces: 73 OpenVSX ‘Sleeper’ Extensions Turn Malicious
Why it matters: Indian organizations utilizing OpenVSX or similar development environments must audit their extensions to prevent supply chain attacks from this evolving threat.
A new GlassWorm malware campaign is actively targeting the OpenVSX ecosystem. This campaign leverages 73 'sleeper' extensions designed to become malicious after an update. Organizations using OpenVSX should immediately review their installed extensions for potential compromise.
Source: BleepingComputer