Security Threats Emerge from Malicious and AI-Generated Extensions on Developer Platforms

November 10, 2025 at 08:51 AM

•

1 min read

Security Threats Emerge from Malicious and AI-Generated Extensions on Developer Platforms — Photo: The Hacker News

TL;DR Summary

Cybersecurity researchers have identified three malicious VS Code extensions linked to the GlassWorm campaign, which uses invisible Unicode characters to hide malware, steal credentials, and spread in a worm-like fashion. Despite removal efforts, the threat has resurfaced, leveraging blockchain-based command-and-control infrastructure to maintain resilience. The attack has affected victims worldwide, including a major Middle Eastern government, and has expanded to target GitHub repositories.

Topics:technology #credential-theft #cyberattack #cybersecurity #glassworm #malware #vs-code-extensions

Share this article

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs The Hacker News
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace csoonline.com
AI-Created Malicious VS Code Extension and Trojanized npm Packages Raise New Supply Chain Security Concerns CXO Digitalpulse
3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets Cryptopolitan
AI-generated ransomware extension found on Visual Studio Marketplace SC Media

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

86%

462 → 63 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights