
New GlassWorm Supply-Chain Attack Targets Developers via Open-Source Extensions
Cybersecurity researchers identified a new iteration of the GlassWorm supply-chain attack targeting developers by abusing 72 open-source extensions in the Open VSX registry. The campaign escalates its propagation method by leveraging extensionPack and extensionDependencies to convert standalone extensions into transitive attack vectors, reducing the need to embed malicious loaders directly in each listing. No specific dates, CVE IDs, or affected organizations were disclosed in the reported findings. The attack focuses on compromising the software supply chain via the Open VSX platform, though the exact impact on victims remains unspecified. The threat actor’s tactics represent a shift in how malicious extensions are distributed within developer environments.
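To check an extension set for the transitive installs described above, the following added example (not code from the researchers' report or from Open VSX) walks the extensionPack and extensionDependencies fields of each package.json manifest and reports every extension that would be pulled in without being on an approved list. The extensions directory passed to load_manifests, the allowlist, and all publisher and extension names in SAMPLE are assumptions constructed for illustration.

```python
import json
from pathlib import Path

LINK_FIELDS = ("extensionPack", "extensionDependencies")

def load_manifests(extensions_dir):
    """Read every <extensions_dir>/*/package.json into {'publisher.name': manifest}."""
    found = {}
    for path in Path(extensions_dir).glob("*/package.json"):
        try:
            m = json.loads(path.read_text(encoding="utf-8"))
            found[f"{m['publisher']}.{m['name']}".lower()] = m
        except (OSError, ValueError, KeyError):
            continue  # unreadable file or not an extension manifest
    return found

def transitive_pulls(manifests, root):
    """Return {pulled_id: chain} for everything that installing `root` also installs."""
    root = root.lower()
    chains, stack = {}, [(root, [root])]
    while stack:
        current, chain = stack.pop()
        manifest = manifests.get(current, {})  # unknown ids are kept as leaves
        for field in LINK_FIELDS:
            for dep in manifest.get(field) or []:
                dep = dep.lower()  # ids are compared case-insensitively
                if dep not in chains and dep != root:  # also stops cycles
                    chains[dep] = chain + [dep]
                    stack.append((dep, chains[dep]))
    return chains

def audit(manifests, allowlist):
    """List (root, pulled, chain) for each pulled extension that is not approved."""
    approved = {a.lower() for a in allowlist}
    findings = []
    for root in sorted(manifests):
        for pulled, chain in sorted(transitive_pulls(manifests, root).items()):
            if pulled not in approved:
                findings.append((root, pulled, " -> ".join(chain)))
    return findings

# Constructed sample manifests (hypothetical publishers and names).
SAMPLE = {
    "acme.theme": {"publisher": "acme", "name": "theme", "extensionPack": ["acme.icons"]},
    "acme.icons": {"publisher": "acme", "name": "icons", "extensionDependencies": ["Other.Helper"]},
    "other.helper": {"publisher": "other", "name": "helper"},
}

if __name__ == "__main__":
    for root, pulled, chain in audit(SAMPLE, allowlist={"acme.theme", "acme.icons"}):
        print(f"{root}: pulls unapproved {pulled} via {chain}")
```

A referenced extension that has no local manifest is still reported, since it would be fetched from the registry at install time.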