GlassWorm Malware Evolves to Hide in Dependencies

Researchers have identified dozens of malicious GlassWorm extensions that incorporate new evasion techniques to conceal their presence within software dependencies. The malware, tracked under the name GlassWorm, has evolved to avoid detection by hiding in legitimate dependency chains. No specific dates, CVE IDs, or affected organizations were disclosed in the findings. The primary impact involves increased difficulty in detecting and mitigating the malware due to its stealthier deployment methods. The report does not specify the exact number of compromised systems or the geographic scope of the infections.