Open VSX Registry Hit by Supply Chain Attack in January 2026

On January 30, 2026, a supply chain attack targeted the Open VSX registry. Unidentified malicious actors compromised the account of a legitimate developer (identified as oorzc) to publish malicious versions of four existing extensions. These updates contained the GlassWorm malware. The attack aimed at downstream users of the Open VSX registry, exploiting trust in official updates. No additional technical details about the compromise vector or the functionalities of GlassWorm were provided.