highMalware & Threats
GlassWorm Campaign Escalates: 72 Malicious Extensions Weaponize Open VSX Dependencies
The GlassWorm supply-chain campaign has evolved its tactics to abuse Open VSX extension dependencies, allowing attackers to distribute malware through initially benign-looking extensions. Researchers identified 72 malicious extensions using this transitive dependency technique.
The Hacker News
supply-chainglasswormvscode