GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code VS Code ecosystem. The extensions in question, which are still available for download, are listed...

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code VS Code extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed...

GlassWorm Malware Targets Developers Through OpenVSX Marketplace

GlassWorm, a self-propagating malware, infects VS Code extensions through the OpenVSX marketplace, stealing credentials and using blockchain for control...

Dismantling a Critical Supply Chain Risk in VSCode Extension Marketplaces

Wiz Research has uncovered 550+ secrets hiding in plain sight. We worked with Microsoft to shut the door...

CVE-2025-52882 Claude Code IDE extensions allow websocket connections from arbitrary origins

Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks e.g., Cursor, Windsurf, and VSCodium and JetBrains IDEs e.g., IntelliJ, Pycharm, and Android Studio are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages...