Glassworm third-wave malicious VS Code packages
Malware Activity
Summary
Hide ▲
Show ▼
The Glassworm malware has returned in a third wave of malicious VS Code marketplace packages, expanding exposure for developers who install extensions from OpenVSX and the Microsoft Visual Studio Marketplace. The packages are designed to steal GitHub, npm, and OpenVSX accounts and to harvest cryptocurrency wallet data. They also add SOCKS proxy and HVNC capabilities, increasing the risk of stealthy remote access.
Related Happenings
GlassWorm supply-chain malware activity
Malware Activity
First: 27.05.2026 14:48
Last: 27.05.2026 14:48
Sources 1
About this happening:
The **GlassWorm** malware activity is now under a coordinated **C2 disruption**, reducing its ability to deliver new instructions and payloads to infected developer systems. The o...
GlassWorm supply-chain malware activity
Malware ActivityAbout this happening: The **GlassWorm** malware activity is now under a coordinated **C2 disruption**, reducing its ability to deliver new instructions and payloads to infected developer systems. The o...
Shai-Hulud worm clone activity on NPM
Malware Activity
First: 18.05.2026 12:45
Last: 18.05.2026 12:45
Sources 1
About this happening:
The **Shai-Hulud** malware activity has continued to evolve across the **npm supply chain** and related developer ecosystems. It first infected **npm packages** in **September 202...
Shai-Hulud worm clone activity on NPM
Malware ActivityAbout this happening: The **Shai-Hulud** malware activity has continued to evolve across the **npm supply chain** and related developer ecosystems. It first infected **npm packages** in **September 202...
Deadcode09284814 malicious npm packages delivering Phantom Bot and infostealers
Malware Activity
First: 18.05.2026 11:57
Last: 18.05.2026 11:57
Sources 1
About this happening:
Four **npm** packages published by **deadcode09284814** were found delivering **information-stealing malware** and **Phantom Bot** DDoS capability, putting installers at risk of *...
Deadcode09284814 malicious npm packages delivering Phantom Bot and infostealers
Malware ActivityAbout this happening: Four **npm** packages published by **deadcode09284814** were found delivering **information-stealing malware** and **Phantom Bot** DDoS capability, putting installers at risk of *...
Mini Shai-Hulud supply-chain campaign targeting npm and PyPI
Campaign
First: 12.05.2026 17:45
Last: 12.05.2026 17:45
Sources 1
About this happening:
The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...
Mini Shai-Hulud supply-chain campaign targeting npm and PyPI
CampaignAbout this happening: The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...
Latest development: 21.05.2026 11:00
Grafana Labs said its GitHub environment was accessed and its codebase downloaded, with additional internal operational information taken from GitHub repositories, after compromise linked to the Mini Shai-Hulud campaign and TanStack npm packages. Grafana said it first spotted malicious activity on May 11, discovered the unauthorized download on May 17, and after contact from the ransom gang rotated automation tokens, enabled enhanced monitoring, audited commits since the May 11 incident, and hardened its GitHub security posture, while saying there is no indication customer production systems or operations were compromised.
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
CampaignAbout this happening: The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...
Timeline
-
01.12.2025 23:08 2 articles · 5mo ago
Glassworm returns in a third wave with Rust implants
Technical Analysis UpdateOn December 1, Glassworm was described as returning in a third wave across OpenVSX and the Microsoft Visual Studio Marketplace with 24 new packages, broader targeting of tools and frameworks such as Flutter, Vim, Yaml, Tailwind, Svelte, React Native, and Vue, and a newer payload that uses Rust-based implants alongside invisible Unicode tricks, SOCKS proxy routing, and HVNC for stealthy remote access; OpenVSX had also said the incident was fully contained after rotating compromised access tokens.
Show sources
- Glassworm malware returns in third wave of malicious VS Code packages — www.bleepingcomputer.com — 01.12.2025 23:08
- GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools — thehackernews.com — 02.12.2025 17:01
-
20.10.2025 03:00 1 articles · 7mo ago
Glassworm first documented with hidden Unicode code
Initial DisclosureKoi Security first documented Glassworm on October 20 after finding malicious VS Code packages that used invisible Unicode characters to hide their code from review and lure developers into installing extensions that could steal GitHub, npm, and OpenVSX accounts and cryptocurrency wallet data.
Show sources
- Glassworm malware returns in third wave of malicious VS Code packages — www.bleepingcomputer.com — 01.12.2025 23:08