Glassworm malware is now coming for Macs
#GlassWorm
https://moonlock.com/self-replicating-glassworm-infecting-macs
#Glassworm
New #GlassWorm #Malware wave targets Macs with trojanized crypto wallets
The GlassWorm malware first appeared on the marketplaces in October, hidden inside malicious extensions using "invisible" Unicode characters.
📢 GlassWorm : 4e vague visant des développeurs macOS via des extensions VSCode/OpenVSX piégées
📝 Selon BleepingComputer, une quatrième vague de la campagne GlassWorm cibl...
📖 cyberveille : https://cyberveille.ch/posts/2026-01-02-glassworm-4e-vague-visant-des-developpeurs-macos-via-des-extensions-vscode-openvsx-piegees/
🌐 source : https://www.bleepingcomputer.com/news/security/new-glassworm-malware-wave-targets-macs-with-trojanized-crypto-wallets/
#GlassWorm #IOC #Cyberveille
#GlassWorm Malware Abuses Open Source Open VSX To Target #macOS Developers
New #GlassWorm #malware wave targets Macs with trojanized #crypto wallets
⚠️ Glassworm malware exploits Discord DCN for delivery #Glassworm is a modular #malware abusing Discord’s CDN to spread, using .lnk loaders and multi-stage payloads to steal data, log keystrokes and maintain persistence. Researchers warn of rapid evolution and broad targeting. #ransomNews #malware
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
📢 Extension VS Code malveillante “Icon Theme: Material” intègre des implants Rust liés à GlassWorm
📝 Source: Nextron Systems (blog, 28 n...
📖 cyberveille : https://cyberveille.ch/posts/2025-12-02-extension-vs-code-malveillante-icon-theme-material-integre-des-implants-rust-lies-a-glassworm/
🌐 source : https://www.nextron-systems.com/2025/11/28/malicious-vs-code-extension-impersonating-material-icon-theme-found-in-marketplace/
#Chaîne_d_approvisionnement #GlassWorm #Cyberveille
📢 Glassworm: troisième vague sur OpenVSX et Visual Studio avec 24 nouveaux packages malveillants
📝 Selon BleepingComputer, la **campagne Glassworm**, apparue en **octob...
📖 cyberveille : https://cyberveille.ch/posts/2025-12-02-glassworm-troisieme-vague-sur-openvsx-et-visual-studio-avec-24-nouveaux-packages-malveillants/
🌐 source : https://www.bleepingcomputer.com/news/security/glassworm-malware-returns-in-third-wave-of-malicious-vs-code-packages/
#Glassworm #IOC #Cyberveille
Glassworm's resurgence
#GlassWorm
https://secureannex.com/blog/glassworm-continued/
#LazyWeb question regarding the dreaded NPM #GlassWorm or similar malware to harvest auth tokens:
To avoid a potential infection leading to harvesting the token usually stored in `~/.npmrc`, I changed that file's content to:
`//registry.npmjs.org/:_authToken=${NPM_TOKEN}`
...and now only keep an ephemeral `NPM_TOKEN` env var when I need it. Are there any better approaches? What are you doing as prophylaxis?
Unsichtbarer Wurm in Visual Studio Extensions: #GlassWorm lebt | Developer https://www.heise.de/news/Schadsoftware-weiter-aktiv-GlassWorm-erneut-in-Open-VSX-Paketen-gefunden-11073146.html #Malware
#GlassWorm #malware has resurfaced on the Open VSX registry
https://securityaffairs.com/184427/malware/glassworm-malware-has-resurfaced-on-the-open-vsx-registry.html
#securityaffairs #hacking
📢 La campagne GlassWorm revient avec trois extensions VSCode malveillantes (10 000+ téléchargements)
📝 Selon l’article, la campagne de malware GlassWorm, qui avait pr...
📖 cyberveille : https://cyberveille.ch/posts/2025-11-10-la-campagne-glassworm-revient-avec-trois-extensions-vscode-malveillantes-10-000-telechargements/
🌐 source : https://www.bleepingcomputer.com/news/security/glassworm-malware-returns-on-openvsx-with-3-new-vscode-extensions/
#GlassWorm #OpenVSX #Cyberveille
GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure
#GlassWorm
https://www.koi.ai/blog/glassworm-returns-new-wave-openvsx-malware-expose-attacker-infrastructure
GlassWorm malware is evolving—using invisible code tricks to sneak into GitHub, NPM, and beyond. Could your favorite dev tools be next in its global pursuit? Read more to find out.
#glassworm
#malwarecampaign
#cybersecurity
#obfuscation
#vscodeextensions
GlassWorm is turning trusted VS Code extensions into stealthy attack vectors—using invisible Unicode tricks and blockchain commands to self-propagate. Could your code be next?
#glassworm
#vscode
#supplychainsecurity
#malware
#blockchainsecurity
Esto es una demostración del uso de caracteres Unicode invisibles para ofuscar el código y luego ejecutarlo.
Se ofrece esta información con fines educativos, para entender cómo funciona y protegerse, no para malos usos.
La demostración:
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst