GlassWorm campaign expands with 72 malicious Open VSX extensions that hide malware in dependency chains

A new wave of the GlassWorm supply chain campaign has pushed at least 72 more malicious Open VSX extensions into developer environments, according to Socket Research Team. The key shift is not just scale. Attackers are now hiding the malware behind transitive dependencies, which means an extension can look clean at first and only pull […] The post GlassWorm campaign expands with 72 malicious Open VSX extensions that hide malware in dependency chains appeared first on VPN Central.