GlassWorm malware abuses compromised OpenVSX extensions to steal credentials from macOS systems
Malware Activity
Summary
Hide ▲
Show ▼
GlassWorm is a malware campaign that now also fuels ForceMemo, a supply-chain attack that steals GitHub tokens and force-pushes malicious code into Python repositories. StepSecurity says the earliest injections date to March 8, 2026, and the attackers target projects including Django apps, ML research code, Streamlit dashboards, and PyPI packages by appending obfuscated code to files like `setup.py`, `main.py`, and `app.py`. The campaign still uses VS Code and Cursor extensions to compromise developer systems, then relies on a Solana wallet to fetch payload URLs and deliver additional malware. Aikido Security also linked the activity to a separate wave that compromised more than 151 GitHub repositories, showing the operation has expanded from extension abuse into broader GitHub account takeover.
Related Happenings
North Korean Contagious Interview PolinRider supply-chain campaign
Campaign
H score51
First: 04.07.2026 14:17
Last: 04.07.2026 14:17
Sources 1
About this happening:
The **Contagious Interview / PolinRider** campaign is still active, with **108 unique packages and browser extensions** published across **npm, Packagist, Go, and Google Chrome**....
North Korean Contagious Interview PolinRider supply-chain campaign
CampaignAbout this happening: The **Contagious Interview / PolinRider** campaign is still active, with **108 unique packages and browser extensions** published across **npm, Packagist, Go, and Google Chrome**....
Rust-based clipboard hijacker spreading via fake crypto tools
Malware Activity
H score13
First: 18.06.2026 18:00
Last: 18.06.2026 18:00
Sources 1
About this happening:
A **Rust-based clipboard hijacker** is spreading through fake crypto tools and silently replacing copied wallet addresses, putting **Windows** and **macOS** users at risk of theft...
Rust-based clipboard hijacker spreading via fake crypto tools
Malware ActivityAbout this happening: A **Rust-based clipboard hijacker** is spreading through fake crypto tools and silently replacing copied wallet addresses, putting **Windows** and **macOS** users at risk of theft...
JetBrains Marketplace malicious plugins exfiltrating AI provider keys
Malware Activity
H score12
First: 17.06.2026 12:38
Last: 17.06.2026 12:38
Sources 1
About this happening:
A **JetBrains Marketplace** malware operation has pushed **15 malicious plugins** that pose as AI coding assistants and steal **AI provider API keys** from developers. The plugins...
JetBrains Marketplace malicious plugins exfiltrating AI provider keys
Malware ActivityAbout this happening: A **JetBrains Marketplace** malware operation has pushed **15 malicious plugins** that pose as AI coding assistants and steal **AI provider API keys** from developers. The plugins...
Developers' AI provider API keys exfiltrated via malicious JetBrains plugins
Data Leak
H score12
First: 17.06.2026 12:10
Last: 17.06.2026 12:10
Sources 1
About this happening:
Developers' **AI provider API keys** were **exfiltrated** through malicious **JetBrains Marketplace** plugins, exposing credentials from a broad user base and risking unauthorized...
Developers' AI provider API keys exfiltrated via malicious JetBrains plugins
Data LeakAbout this happening: Developers' **AI provider API keys** were **exfiltrated** through malicious **JetBrains Marketplace** plugins, exposing credentials from a broad user base and risking unauthorized...
Mastra @mastra/* npm packages hit by network compromise
Incident
H score47
First: 17.06.2026 10:38
Last: 17.06.2026 10:38
Sources 1
About this happening:
**Mastra** @mastra/* npm packages were **compromised** in a **software supply chain attack** that spread through the namespace on **2026-06-17**. Microsoft now attributes the acti...
Mastra @mastra/* npm packages hit by network compromise
IncidentAbout this happening: **Mastra** @mastra/* npm packages were **compromised** in a **software supply chain attack** that spread through the namespace on **2026-06-17**. Microsoft now attributes the acti...
Latest development: 20.06.2026 17:09
Microsoft attributed the Mastra AI supply chain attack to Sapphire Sleet, also known as BlueNoroff, and said the attackers compromised the npm maintainer account ehindero, which had publishing privileges across the Mastra package environment. The June 19 update said more than 140 packages in the @mastra scope were modified to inject easy-day-js.
Timeline
-
03.02.2026 00:04 3 articles · 5mo ago
GlassWorm trojanizes four OpenVSX extensions on January 30
Exploitation ObservedGlassWorm operators used compromised publishing access for the oorzc account to push malicious updates to oorzc.ssh-tools v0.5.1, oorzc.i18n-tools-plus v1.6.8, oorzc.mind-map v1.0.61, and oorzc.scss-to-css-compile v1.3.4, with the trojanized extensions collectively downloaded 22,000 times. The campaign targeted macOS systems and used the extension-store compromise to seed payloads that later stole passwords, crypto-wallet data, and developer credentials.
Show sources
- New GlassWorm attack targets macOS via compromised OpenVSX extensions — www.bleepingcomputer.com — 03.02.2026 00:04
- New GlassWorm attack targets macOS via compromised OpenVSX extensions — www.bleepingcomputer.com — 03.02.2026 00:04
- GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos — thehackernews.com — 16.03.2026 21:37
-
03.02.2026 00:04 1 articles · 5mo ago
Open VSX revokes access and removes malicious GlassWorm releases
Mitigation Patch UpdateSocket reported the compromised packages to the Eclipse Foundation, and the Open VSX operator confirmed unauthorized publishing access, revoked tokens, and removed the malicious releases. oorzc.ssh-tools was removed completely from Open VSX after multiple malicious releases were discovered, while the other affected extensions were cleaned on the platform.
Show sources
- New GlassWorm attack targets macOS via compromised OpenVSX extensions — www.bleepingcomputer.com — 03.02.2026 00:04