Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm



February 02, 2026 at 10:34AM

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer's resources to push malicious updates to downstream users. "On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm

from The Hacker News https://ift.tt/xR9eV0v

Genrerating Link.... 15 seconds.

Your Link is Ready.

Share this post