Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
Elizabeth Montalbano, Contributing Writer
April 28, 2026

The ongoing GlassWorm campaign has deployed a fresh wave of malicious Visual Studio (VS) Code extensions, many of which seem initially benign but later deploy self-replicating malware that can poison the software supply chain.

Researchers from Socket discovered a new cluster of 73 so-called "sleeper" extensions beginning in April, which is related to activity by the self-propagating malware reported last month on the Open VSX marketplace. The latest wave demonstrates that the campaign continues to scale and evolve, according to a recent report published by the Socket Research Team.

A sleeper extension or package is a threat actor-controlled imposter that is published before it is weaponized, in order to build trust and generate downloads, and can later be updated to deliver malware. Earlier GlassWorm campaigns seeded sleeper extensions that remained dormant or fetched payloads later from external sources.

The latest wave of malicious extensions, however, includes a capability to automatically fetch and execute malicious payloads at a later date, demonstrating a new evasion and propagation tactic, according to the report.

"Some variants rely on external payload retrieval, others rely on bundled native binaries, including reused installer components seen in prior GlassWorm activity," according to the research team.

However, the common pattern throughout GlassWorm's latest activity "is that the extension itself acts as a thin loader," according to the report.

"The extension's source code alone no longer reflects the behavior that ultimately runs," the team wrote. "By shifting critical logic outside of what tools typically scan, and spreading it across multiple delivery mechanisms, the threat actor increases the likelihood of evading detection."
Supply Chain Threat Persists

GlassWorm is a family of self-propagating malware first documented by researchers at Koi Security in October 2025 as it spread across Open VSX, an open source alternative to Microsoft's Visual Studio Marketplace. Its name comes from a unique coding technique found in the original incarnation of the stealthy malware, which used printable Unicode characters that don't render in a code editor, basically making the malicious code invisible.

GlassWorm's goal is to infect software developers with infostealers to obtain a target organization's secrets and credentials, which an attacker can then further weaponize to publish poisoned versions of projects maintained by that victim. This creates a downstream effect on the supply chain and allows the malware to self-replicate; when a victim downloads that poisoned package, they inadvertently facilitate its propagation.

At least six of the extensions already have been activated with malware, while the others are sleepers or appear potentially suspicious, according to the report. The number of GlassWorm extensions also remains in flux, because it's unclear how many may activate to become malicious.

However, they follow a pattern consistent with other GlassWorm infections in that they "are first published without an obvious payload, then later updated to deliver malware through the normal extension update path," the team wrote.

The extensions also demonstrate an "impersonation pattern" that mimics legitimate extensions on Open VSX to trick developers into installing malicious ones. In fact, attackers are cloning legitimate listings almost exactly — replicating names, icons, descriptions, and even README content — while only changing subtle details like the publisher name and unique identifier.
In one example, a fake Turkish language package closely mimics the official version, making the differences easy to miss during routine browsing, according to the Socket team.

"The difference is subtle enough that a developer browsing quickly could miss it," according to the report. "This is the core social engineering pattern behind the latest GlassWorm cluster: cloned listings create enough visual trust to attract installs before any malware is introduced."

Increased Evasion Demands a Response

The latest dump of GlassWorm extensions doesn't show technical innovation, Idan Dardikman, chief technology officer (CTO) and co-founder at Koi Security, tells Dark Reading. However, it does show a maturing threat actor "running the same playbook at larger scale and with all tools deployed at once," he says, which means the GlassWorm threat continues to persist.

As campaigns like this expand, it becomes harder than ever for developers to differentiate between legitimate packages and extensions and malicious ones, perpetuating the existing risk to the software supply chain.

For this reason, Socket urges caution for organizations whose developers use public sites that share code for various software projects. Specifically, before downloading any code that will be deployed in a production environment, they should examine factors such as download counts and try to verify whether the package or extension comes from a legitimate user.

To help developers recognize malicious extensions related to GlassWorm, the Socket team included a list of indicators of compromise (IoCs) in their report that features the confirmed malware-activated extensions as well as sleeper extensions. The researchers also included IoCs related to native installer binaries and various payloads, including a downloaded VSX payload and links to GitHub payload hosting sites.
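
The impersonation pattern described above (a cloned name, icon, description and README with only the publisher name and identifier changed) can be checked mechanically against a list of extensions an organization has already vetted. The following is an added example, not code from the Socket report or from Open VSX; the field names, publishers, extension names and hash strings are hypothetical placeholders constructed for illustration.

```javascript
// Added example: flag listings that clone a vetted extension's presentation
// under a different publisher.name identifier. All data here is constructed.

const FIELDS = ["displayName", "description", "iconSha256", "readmeSha256"];

// Fold case, Unicode compatibility forms and punctuation so that cosmetic
// tweaks to a cloned listing still compare equal.
function normalize(value) {
  return String(value || "").normalize("NFKC").toLowerCase()
    .replace(/[^\p{L}\p{N}]+/gu, " ").trim();
}

const extensionId = (e) => `${e.publisher}.${e.name}`.toLowerCase();

// Returns candidates that share at least `minFields` presentation fields with
// a vetted extension while carrying a different identifier.
function findImpersonators(vetted, candidates, minFields = 2) {
  const vettedIds = new Set(vetted.map(extensionId));
  const findings = [];
  for (const c of candidates) {
    if (vettedIds.has(extensionId(c))) continue; // the genuine listing itself
    for (const v of vetted) {
      const matched = FIELDS.filter(
        (f) => v[f] && normalize(v[f]) === normalize(c[f]));
      if (matched.length >= minFields) {
        findings.push({ candidate: extensionId(c), imitates: extensionId(v), matched });
      }
    }
  }
  return findings.sort((a, b) => b.matched.length - a.matched.length);
}

// Constructed sample data: placeholder publishers, names and hash strings.
const VETTED = [{
  publisher: "example-official", name: "language-pack-tr",
  displayName: "Turkish Language Pack", description: "Turkish UI translations.",
  iconSha256: "PLACEHOLDER_ICON_A", readmeSha256: "PLACEHOLDER_README_A",
}];
const CANDIDATES = [
  { ...VETTED[0] },                                   // genuine listing
  { ...VETTED[0], publisher: "example-0fficial",      // cloned listing
    displayName: "Turkish  Language Pack" },
  { publisher: "some-dev", name: "markdown-tools",    // unrelated extension
    displayName: "Markdown Tools", description: "Preview helpers.",
    iconSha256: "PLACEHOLDER_ICON_B", readmeSha256: "PLACEHOLDER_README_B" },
];

console.log(findImpersonators(VETTED, CANDIDATES));
```

A match here is a reason to compare publisher, identifier and download counts by hand before installing; it says nothing about whether the listing has been weaponized yet.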