The GlassWorm campaign targeting VS Code extensions on Open VSX has been fully contained, with malicious extensions removed and no ongoing threats detected. The incident highlighted the importance of improved security practices, including token revocation and automated scanning. #GlassWorm #OpenVSX
Keypoints
- GlassWorm was a malicious campaign that infected VS Code extensions on Open VSX.
- The malware could steal sensitive information, drain cryptocurrency wallets, and enable remote access.
- Malicious extensions used Unicode variation selectors to hide embedded code from editors.
- Open VSX responded by removing malicious extensions, revoking exposed tokens, and enhancing security measures.
- The incident was considered fully contained by October 21 with no ongoing threats reported.
Read More: https://www.securityweek.com/open-vsx-downplays-impact-from-glassworm-campaign/