SECURITYTHE HACKER NEWS
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
CrowdStrike, Google, and the Shadowserver Foundation disrupted all command-and-control channels of GlassWorm, a malware campaign targeting software developers via malicious packages and extensions since early 2025. The takedown disrupted a persistent supply chain attack infrastructure.
Mentioned
Related Signal
Adjacent reporting
- Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
- Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines
- Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
- ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
- ‘TrapDoor’ malware targets crypto dev tools in supply chain attack
- DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware