GlassWorm v2 cloned VS Code extension loaders
Malware Activity
Summary
The GlassWorm v2 malware activity now uses cloned VS Code extensions on Open VSX to deliver payloads that steal credentials, deploy a RAT, and spread across multiple IDEs. The cluster includes 73 extensions, with six confirmed malicious and the rest used as sleeper packages to build trust before a later update turns them into malware delivery vehicles. A second-stage VSIX file is retrieved from GitHub and installed with `--install-extension` into VS Code, Cursor, Windsurf, and VSCodium. The operation matters because it turns ordinary extension installs into a supply-chain delivery path for persistent credential theft and data loss.
Related Happenings
ModeloRAT malicious PowerShell and Dropbox delivery activity
Malware Activity
First: 14.05.2026 15:12
Last: 14.05.2026 15:12
Sources 1
About this happening:
The **ModeloRAT** activity now uses a **malicious PowerShell command** and a **Dropbox ZIP payload** to gain persistent footholds, enabling **system reconnaissance**, **screenshot...
TeamPCP Mini Shai-Hulud npm supply-chain campaign
Campaign
First: 12.05.2026 14:07
Last: 12.05.2026 14:07
Sources 1
About this happening:
The **TeamPCP**-linked **Mini Shai-Hulud** campaign is a **malicious npm supply-chain operation** that steals developer credentials and abuses trusted publishing paths to spread t...
Mini Shai-Hulud npm supply-chain malware wave
Malware Activity
First: 12.05.2026 14:07
Last: 12.05.2026 14:07
Sources 1
About this happening:
The **Sha1-Hulud** npm supply-chain campaign is a fresh **second wave** of **Shai-Hulud**-style activity that has compromised **hundreds of npm packages**. The malware runs during...
ZiChatBot PyPI supply-chain malware delivery
Malware Activity
First: 07.05.2026 12:20
Last: 07.05.2026 12:20
Sources 1
About this happening:
A **PyPI supply-chain attack** used **three packages** to quietly deliver **ZiChatBot**, creating a cross-platform malware risk for **Windows and Linux** installs. The packages we...
GlassWorm OpenVSX sleeper extension campaign
Campaign
First: 28.04.2026 00:41
Last: 28.04.2026 00:41
Sources 1
How related:
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update.
About this happening:
The **GlassWorm** operation has launched a **new wave** against **OpenVSX**, seeding **73 sleeper extensions** that become malicious after an **update** and can deliver malware to...
Timeline
- 27.04.2026 14:23 · 2 articles
Researchers identify GlassWorm v2 cloned VS Code extensions on Open VSX
Initial Disclosure: Researchers identified 73 cloned Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository tied to GlassWorm v2, with six confirmed malicious and the remainder used as sleeper packages that copied legitimate icons and descriptions to build trust before a later update delivered a GitHub-hosted VSIX payload. The loader chain uses Zig-based droppers and the `--install-extension` command to push the payload into VS Code, Cursor, Windsurf, and VSCodium, with the end goal of stealing credentials and bookmarks, installing a remote access trojan (RAT), and avoiding Russian systems.
Sources:
- Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware — thehackernews.com — 27.04.2026 14:23
- GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions — www.bleepingcomputer.com — 28.04.2026 00:41
- 10.11.2025 10:51 · 1 article
GlassWorm resurfaces in three VS Code extensions
Campaign Scope Update: GlassWorm resurfaced in three VS Code extensions (ai-driven-dev.ai-driven-dev, adhamu.history-in-sublime-merge, and yasuyuky.transient-emacs). Researchers said the campaign still targets the Visual Studio Code (VS Code) ecosystem; Open VSX removed the malicious extensions and rotated or revoked tokens, and a fresh Solana blockchain transaction updated the C2 endpoint. Koi Security also reported victims across the U.S., South America, Europe, and Asia, including a major government entity in the Middle East.
Sources:
- GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs — thehackernews.com — 10.11.2025 10:51
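A defender-side check, added here as an example and not code from the page or from any of the cited researchers: it walks the extension directories of the four IDEs named in the loader chain above (VS Code, Cursor, Windsurf, VSCodium) and reports any install whose package.json resolves to one of the three extension IDs named in the November 2025 entry. The default directory paths are assumptions based on each IDE's usual per-user layout; the extension IDs come from the page.

```python
import json
from pathlib import Path

# Extension IDs (publisher.name) named in the November 2025 timeline entry.
GLASSWORM_EXTENSION_IDS = {
    "ai-driven-dev.ai-driven-dev",
    "adhamu.history-in-sublime-merge",
    "yasuyuky.transient-emacs",
}


def default_extension_dirs():
    """Assumed default extension directories of the four IDEs the loader
    chain targets with --install-extension; adjust for custom installs."""
    home = Path.home()
    return {
        "vscode": home / ".vscode" / "extensions",
        "cursor": home / ".cursor" / "extensions",
        "windsurf": home / ".windsurf" / "extensions",
        "vscodium": home / ".vscode-oss" / "extensions",
    }


def read_extension_id(manifest):
    """Return lower-cased 'publisher.name' from package.json, or None if unusable."""
    try:
        data = json.loads(Path(manifest).read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return None  # unreadable, non-UTF-8 or malformed manifest
    if not isinstance(data, dict):
        return None
    publisher, name = data.get("publisher"), data.get("name")
    if not isinstance(publisher, str) or not isinstance(name, str):
        return None
    return f"{publisher}.{name}".lower()


def scan_extension_dirs(dirs, blocklist=GLASSWORM_EXTENSION_IDS):
    """Return sorted (ide, extension_id, install_path) tuples for every
    blocklisted extension; IDEs whose directory is missing are skipped."""
    hits = []
    for ide, root in dirs.items():
        root = Path(root)
        if not root.is_dir():
            continue
        for manifest in root.glob("*/package.json"):
            ext_id = read_extension_id(manifest)
            if ext_id in blocklist:
                hits.append((ide, ext_id, str(manifest.parent)))
    return sorted(hits)
```

On a workstation, `scan_extension_dirs(default_extension_dirs())` returns the hits for whichever of the four IDEs are installed; an empty list means none of the listed IDs is present.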