Trojanized OpenVSX extension spreads GlassWorm across VS Code, Cursor, and Windsurf

A fake OpenVSX extension that impersonates WakaTime can infect multiple VS Code-based editors on the same machine, not just the one where a developer installs it. Researchers at Aikido say the malicious extension, specstudio/code-wakatime-activity-tracker, bundles a native Zig-based binary that silently looks for other compatible editors and force-installs a second-stage malicious extension into them. According […] The post Trojanized OpenVSX extension spreads GlassWorm across VS Code, Cursor, and Windsurf appeared first on VPN Central.