GlassWorm Supply-Chain Attack Hijacks 72 VS Code Extensions and 151 GitHub Repositories to Steal Developer Credentials
A coordinated supply-chain campaign abused Open VSX extension dependencies and invisible Unicode payloads to compromise developer environments across VS Code and GitHub.
4 min read3 sources