Malicious Actor Hijacks Open VSX Publisher Account to Distribute GlassWorm Malware

A malicious actor compromised a publisher account on the Open VSX platform to publish malicious versions of four legitimate VS Code extensions. These modified extensions distribute the GlassWorm malware, a loader used to deploy additional malicious software. The attack targets the software supply chain by exploiting a hijacked publisher account. No details are provided regarding the exact date, affected extensions, or specific targets. The impact includes the distribution of GlassWorm, which may be used for subsequent attacks on Mac systems and others.