BleepingComputer reports that two dozen new VSCode packages on the Microsoft Visual Studio Marketplace and OpenVSX including prettier-vsc.vsce-prettier, clangdcode.clangd-vsce, flutcode.flutter-extension, bphpburn.icons-vscode, and yamlcode.yaml-vscode-extension have facilitated the distribution of the Glassworm malware in a third wave of attacks following the containment of initial infections.Attackers who published the packages on the marketplaces subsequently apply updates with malicious code and inflate download counts to establish trust and popularity in search results to guarantee installation over their legitimate counterparts, according to a Secure Annex report.Moreover, Glassworm has also been updated to leverage Rust-based implants although invisible Unicode characters observed in an earlier iteration of the malware remain in use."We continue to assess and improve our scanning and detections to prevent abuse. Microsoft encourages users to flag suspicious content through a Report Abuse link found on every extension page," said Microsoft.
DevOps, Malware, Supply chain
Glassworm-spreading packages reemerge in Visual Studio, OpenVSX markets

(Credit: Postmodern Studio – stock.adobe.com)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds



