Post #8598

Researchers found 72 malicious extensions in the Open VSX registry. Attackers publish a harmless VS Code extension, gain trust, then update it to pull a GlassWorm dependency. The payload steals tokens, credentials, and crypto wallets from developer systems. 🔗 Read → https://thehackernews.com/2026/03/glassworm-supply-chain-attack-abuses-72.html