Skip to content
The Nexus
SECURITYApr 28 · 14:59 UTCDARK READINGElizabeth Montalbano

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers are distributing malicious VS Code extensions via Open VSX, exploiting supply chain vulnerabilities to spread self-propagating malware. The campaign involves seeding seemingly benign extensions that act as vectors for malware propagation.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this