top of page
perceptive_background_267k.jpg

GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools

Published:

2 december 2025 om 15:01:00

Alert date:

5 december 2025 om 08:03:22

Source:

thehackernews.com

Click to open the original link from this advisory

The GlassWorm supply chain campaign has returned with 24 malicious extensions targeting developers through Microsoft Visual Studio Marketplace and Open VSX. The extensions impersonate popular developer tools and frameworks including Flutter, React, Tailwind, Vim, and Vue. This campaign was first documented in October 2025 and utilizes the Solana blockchain for command-and-control communications. The attack specifically targets the development ecosystem by infiltrating trusted extension marketplaces with fraudulent versions of legitimate tools.

Technical details

Mitigation steps:

Affected products:

Microsoft Visual Studio Marketplace
Open VSX
Flutter
React
Tailwind
Vim
Vue

Related links:

https://thehackernews.com/2025/12/glassworm-returns-with-24-malicious.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page