Malware Mayhem: GlassWorm Infiltrates Developer Extensions with Invisible Code!

GlassWorm malware is targeting developers on Microsoft Visual Studio and OpenVSX marketplaces, infecting 35,800 installations. It uses invisible Unicode characters to hide malicious code and spreads via stolen account info. With command-and-control on Solana blockchain, it’s tough to quash, proving that even malware enjoys its decentralized freedom.

3P
Published: October 20, 2025 4:15 pmAdded: October 20, 2025 at 9:42 amAssembled by: The Editor
Pro Dashboard

Hot Take:

GlassWorm is the ultimate party crasher, sneaking into the VS Code and OpenVSX bash with invisible ink and a penchant for cryptocurrency pilfering. If malware had a Netflix series, this one would be called “Worms Gone Wild!”

Key Points:

– GlassWorm spreads through the OpenVSX and Microsoft Visual Studio marketplaces, infecting 35,800 installations.
– It uses invisible Unicode characters and blockchain technology to hide and execute its malicious payloads.
– The malware attempts to steal credentials and cryptocurrency wallet data from 49 extensions.
– It transforms infected systems into nodes of a criminal network using massively obfuscated JavaScript.
– Researchers discovered at least twelve extensions infected by GlassWorm, with some still available for download.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?