Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Source: The Hacker News | Added:

Researchers have identified a self-propagating worm named GlassWorm that spreads through VS Code extensions, highlighting the vulnerability of developers to supply chain attacks. This marks the second significant attack in the DevOps sector within a short timeframe.

---

Impact: Visual Studio Code extensions, Open VSX Registry, Microsoft Extension Marketplace

In the Wild: Yes

Age: Newly disclosed

Remediation: Not specified

Read Full Original Article →