GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
Over Security - Cybersecurity news aggregator [Unofficial]
March 17, 2026
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions.
Discussion in the ATmosphere