home.social

#glassworm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #glassworm, aggregated by home.social.

  1. Glassworm botnet disrupted by takedown of resilient C2 infrastructure

    In a major win for cybersecurity, researchers from CrowdStrike, Google, and The Shadowserver Foundation have successfully disrupted the Glassworm botnet by dismantling its complex command-and-control infrastructure. This takedown cuts off the lifelines of the threat actors, halting their campaigns that had been ongoing since…

    osintsights.com/glassworm-botn

    #BotnetTakedown #Glassworm #C2Infrastructure #Blockchain #Peertopeer

  2. GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

  3. GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

  4. GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

  5. GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

  6. GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

  7. GlassWorm: il worm che infetta tutti gli IDE tramite un’estensione OpenVSX contraffatta

    Un dropper compilato in Zig si propaga da un'estensione fake WakaTime su OpenVSX verso tutti gli IDE VS Code-compatibili presenti sulla macchina, deployando un RAT con C2 su blockchain Solana e un'estensione Chrome per il furto di sessioni. Analisi tecnica completa della campagna GlassWorm.

    insicurezzadigitale.com/glassw

  8. ForceMemo: malware ukrywany w repozytoriach przez force-push

    Badacze bezpieczeństwa z StepSecurity odkryli nową kampanię malware, w której atakujący przejmuje masowo konta programistów na GitHub i wstrzykuje złośliwe oprogramowanie do setek repozytoriów. Pierwszą aktywność odnotowano 8 marca 2026 roku, ale według ustaleń badaczy kampania wciąż trwa i przejmowane są kolejne repozytoria. Kampania – nazwana przez badaczy ForceMemo –...

    #Aktualności #Github #Glassworm #Malware

    sekurak.pl/forcememo-malware-u

  9. Im vergangenen Jahr hatte die unsichtbare Schadsoftware Glassworm mehrfach ihr Unwesen getrieben. Jetzt ist der gefährliche Wurm mit einer neuen Angriffswelle zurückgekehrt. Im Visier sind einmal mehr GitHub-Repositorys.

    t3n.de/news/github-schadsoftwa

    #Schadsoftware #Glassworm #GitHub #Wurm #Angriffswelle #Gefahr

  10. Tiens, plot twist ! le bouzin pivote vers windows

    "On March 16, a new Solana memo appeared on the published #GlassWorm wallet (28PKnu, documented by Truesec in October 2025) at 11:42 UTC with a kill-switch toggle set to OFF and a live payload URL. The campaign had reactivated. The payload was not the macOS stealer from Parts 1 and 2. It was a 202KB JavaScript file targeting Windows, bundling native DLLs, a Chrome browser extension disguised as "Google Docs Offline", a DPAPI credential dumper, and exfiltration to a previously unseen server."
    👇
    codeberg.org/tip-o-deincognito

  11. 🚨 Oh no! The dreaded #Glassworm is back, like a transparent hacker on a mission to confuse developers with invisible #Unicode attacks. With 150 #GitHub repositories compromised, the solution is a dizzying list of acronyms and jargon that promises to protect your code, but only if you squint hard enough to see it! 🐛🔍 #SecurityTheater
    aikido.dev/blog/glassworm-retu #InvisibleAttacks #SecurityThreat #DeveloperConfusion #HackerNews #ngated

  12. 🚨 Oh no! The dreaded #Glassworm is back, like a transparent hacker on a mission to confuse developers with invisible #Unicode attacks. With 150 #GitHub repositories compromised, the solution is a dizzying list of acronyms and jargon that promises to protect your code, but only if you squint hard enough to see it! 🐛🔍 #SecurityTheater
    aikido.dev/blog/glassworm-retu #InvisibleAttacks #SecurityThreat #DeveloperConfusion #HackerNews #ngated

  13. 🚨 Oh no! The dreaded #Glassworm is back, like a transparent hacker on a mission to confuse developers with invisible #Unicode attacks. With 150 #GitHub repositories compromised, the solution is a dizzying list of acronyms and jargon that promises to protect your code, but only if you squint hard enough to see it! 🐛🔍 #SecurityTheater
    aikido.dev/blog/glassworm-retu #InvisibleAttacks #SecurityThreat #DeveloperConfusion #HackerNews #ngated

  14. 🚨 Oh no! The dreaded #Glassworm is back, like a transparent hacker on a mission to confuse developers with invisible #Unicode attacks. With 150 #GitHub repositories compromised, the solution is a dizzying list of acronyms and jargon that promises to protect your code, but only if you squint hard enough to see it! 🐛🔍 #SecurityTheater
    aikido.dev/blog/glassworm-retu #InvisibleAttacks #SecurityThreat #DeveloperConfusion #HackerNews #ngated

  15. 🚨 Oh no! The dreaded #Glassworm is back, like a transparent hacker on a mission to confuse developers with invisible #Unicode attacks. With 150 #GitHub repositories compromised, the solution is a dizzying list of acronyms and jargon that promises to protect your code, but only if you squint hard enough to see it! 🐛🔍 #SecurityTheater
    aikido.dev/blog/glassworm-retu #InvisibleAttacks #SecurityThreat #DeveloperConfusion #HackerNews #ngated

  16. When I say "IT mostly just runs in circles" I mean it: arstechnica.com/security/2026/

    This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: github.com/MichalBryxi/Apache-

    #Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

  17. When I say "IT mostly just runs in circles" I mean it: arstechnica.com/security/2026/

    This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: github.com/MichalBryxi/Apache-

    #Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

  18. When I say "IT mostly just runs in circles" I mean it: arstechnica.com/security/2026/

    This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: github.com/MichalBryxi/Apache-

    #Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

  19. When I say "IT mostly just runs in circles" I mean it: arstechnica.com/security/2026/

    This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: github.com/MichalBryxi/Apache-

    #Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

  20. When I say "IT mostly just runs in circles" I mean it: arstechnica.com/security/2026/

    This article from 2026 describes something I've been fighting with ~17 years ago. Sure, slightly more clever payload and different delivery method, but in principle nothing new: github.com/MichalBryxi/Apache-

    #Glassworm #Unicode #InvisibleCharacters #Whitespace #Hack

  21. RE: infosec.exchange/@_r_netsec/11

    Waah, joli boulot.
    Je me demande qui en est l’auteur.

    lecture technique très intéressante.
    Une analyse statique complétée par du monitoring comportementale réseau qui plonge dans les entrailles du ver infostealer macOS injecté dans un plugin VS Code lors de la campagne Glassworm v2.. 👀

    C’est balaise et résilient, avec une belle répartition des tâches de vol entre AppleScript et Node.js. :amaze:

    Les échantillons déobfusqués ont aussi été mis à disposition sur #malwarebazaar

    bazaar.abuse.ch/sample/d72c1c7

    #CyberVeille #MacSecurity #macOS #Malware #ThreatIntel #Glassworm
    👇

  22. 📰 Open VSX Marketplace Hit by Supply Chain Attack Spreading "GlassWorm" Malware

    📢 Open VSX Registry hit by supply chain attack! A compromised developer account was used to inject GlassWorm malware into 4 popular VS Code extensions, affecting 22k+ downloads. #OpenVSX #SupplyChain #Malware #GlassWorm

    🔗 cyber.netsecops.io/articles/op

  23. 📰 Open VSX Marketplace Hit by Supply Chain Attack Spreading "GlassWorm" Malware

    📢 Open VSX Registry hit by supply chain attack! A compromised developer account was used to inject GlassWorm malware into 4 popular VS Code extensions, affecting 22k+ downloads. #OpenVSX #SupplyChain #Malware #GlassWorm

    🔗 cyber.netsecops.io/articles/op

  24. GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.

    This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.

    What protections do you think dev ecosystems should prioritize next?

    Follow us for consistent, unbiased cybersecurity coverage.

    #infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu