Executive Summary
In January 2026, the GlassWorm malware campaign targeted macOS developers by infiltrating the Open VSX marketplace with malicious Visual Studio Code extensions. These extensions, downloaded over 50,000 times before removal, masqueraded as legitimate tools like 'Prettier Pro' and other productivity enhancers. Once installed, the malware delayed execution to evade detection, then decrypted and executed an AES-256-CBC encrypted JavaScript payload. It established persistence via LaunchAgents, harvested sensitive data—including GitHub and npm credentials, SSH keys, and macOS Keychain entries—and attempted to replace hardware wallet applications such as Ledger Live and Trezor Suite with trojanized versions. Command-and-control communication was maintained through the Solana blockchain, complicating traditional detection and mitigation efforts. This incident underscores the evolving sophistication of supply chain attacks targeting developer ecosystems, emphasizing the need for rigorous extension vetting processes and heightened awareness of the security risks associated with third-party development tools.
Why This Matters Now
The GlassWorm campaign highlights the increasing sophistication of supply chain attacks targeting developer tools, emphasizing the urgent need for enhanced security measures in open-source ecosystems to protect sensitive data and maintain trust.
Attack Path Analysis
The GlassWorm malware campaign began with the compromise of a legitimate developer's account, leading to the distribution of malicious Visual Studio Code extensions. Upon installation, the malware escalated privileges by accessing sensitive system areas and establishing persistence through LaunchAgents. It then moved laterally by leveraging stolen credentials to infect additional developer environments. The malware maintained command and control via the Solana blockchain, enabling remote access and data exfiltration. Sensitive data, including credentials and cryptocurrency wallet information, was exfiltrated to attacker-controlled servers. The impact included unauthorized access to developer systems, potential financial loss, and the propagation of malware within the developer community.
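The persistence step described above (a LaunchAgent that re-launches code dropped by an editor extension) is one a defender can triage directly. The following Python helper is an added example, not code from this report or from any vendor named in it; the extension-directory patterns, the interpreter list and the two sample plists are assumptions and constructed data, not indicators from the campaign.

```python
import os
import plistlib
import re
from pathlib import Path

# Assumption: an editor extension can only drop files inside its own folder, so a
# LaunchAgent that executes something from there is an unusual persistence pattern.
EXTENSION_DIR_PATTERNS = [
    re.compile(r"/\.vscode(?:-oss|-insiders)?/extensions/"),
    re.compile(r"/\.vscodium/extensions/"),
]
INTERPRETERS = {"node", "osascript", "sh", "bash", "zsh", "python", "python3"}

def triage_launch_agent(plist_bytes: bytes) -> dict:
    """Return a verdict for one LaunchAgent plist (XML or binary plist bytes)."""
    plist = plistlib.loads(plist_bytes)
    argv = list(plist.get("ProgramArguments", []))
    if plist.get("Program"):          # 'Program' takes precedence over argv[0]
        argv.insert(0, plist["Program"])
    reasons = []
    if any(p.search(" ".join(argv)) for p in EXTENSION_DIR_PATTERNS):
        reasons.append("executes code from an editor extension directory")
    if argv and os.path.basename(argv[0]) in INTERPRETERS and (plist.get("RunAtLoad") or plist.get("KeepAlive")):
        reasons.append("interpreter started at login or kept alive")  # weaker signal, review only
    return {"label": plist.get("Label"), "argv": argv, "reasons": reasons,
            "suspicious": any(r.startswith("executes") for r in reasons)}

def scan_launch_agents(directory=Path.home() / "Library" / "LaunchAgents") -> list:
    """Triage every *.plist in a LaunchAgents folder; malformed files are reported, not fatal."""
    results = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            verdict = triage_launch_agent(path.read_bytes())
        except Exception as exc:  # unparseable plist is itself worth a look
            verdict = {"label": path.name, "argv": [], "suspicious": False, "reasons": [f"unparseable: {exc}"]}
        results.append({"path": str(path), **verdict})
    return results

# Constructed samples (not real indicators): one agent running a script from an
# extension folder via node, one ordinary backup job.
SAMPLE_SUSPICIOUS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict><key>Label</key><string>com.example.updater</string>
<key>ProgramArguments</key><array><string>/usr/local/bin/node</string>
<string>/Users/dev/.vscode/extensions/prettier-pro-1.0.0/out/agent.js</string></array>
<key>RunAtLoad</key><true/></dict></plist>"""
SAMPLE_BENIGN = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict><key>Label</key><string>com.example.backup</string>
<key>ProgramArguments</key><array><string>/usr/local/bin/backup</string>
<string>--nightly</string></array><key>RunAtLoad</key><true/></dict></plist>"""
```

Run scan_launch_agents() on a macOS host to list every user LaunchAgent with its reasons; the same check applies to /Library/LaunchAgents and /Library/LaunchDaemons if you pass those paths.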
Kill Chain Progression
Initial Compromise
Description
The attacker compromised a legitimate developer's account to distribute malicious Visual Studio Code extensions via the OpenVSX marketplace.
Related CVEs
CVE-2025-6705
CVSS 5.3
Improper control of dynamically-managed code resources in Eclipse Foundation OpenVSX allows attackers to execute arbitrary build scripts, potentially leading to privilege escalation.
Affected Products:
Eclipse Foundation OpenVSX – < June 24, 2025
Exploit Status:
no public exploit
MITRE ATT&CK® Techniques
Compromise Software Supply Chain
Command and Scripting Interpreter: JavaScript
Command and Scripting Interpreter: AppleScript
Event Triggered Execution: Launch Agent
Credentials from Password Stores: Keychain
Data from Local System
Exfiltration Over C2 Channel
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure that all system components and software are protected from known vulnerabilities by installing applicable security patches
Control ID: 6.2.3
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
CISA ZTMM 2.0 – Asset Management
Control ID: 3.1
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
GlassWorm supply chain attack compromises OpenVSX extensions targeting developer credentials, requiring zero trust segmentation and egress security to prevent lateral movement.
Information Technology/IT
macOS-targeting malware through compromised development extensions demands multicloud visibility, threat detection, and encrypted traffic controls to protect IT infrastructure operations.
Financial Services
Crypto-wallet credential theft via supply chain compromise necessitates enhanced egress filtering, anomaly detection, and compliance with data protection regulations.
Computer/Network Security
Security professionals face direct targeting through development tool compromise, requiring inline IPS, Kubernetes security, and cloud native security fabric deployment.
Sources
- New GlassWorm attack targets macOS via compromised OpenVSX extensions: https://www.bleepingcomputer.com/news/security/new-glassworm-attack-targets-macos-via-compromised-openvsx-extensions/
- GlassWorm malware returns on OpenVSX with 3 new VSCode extensions: https://www.bleepingcomputer.com/news/security/glassworm-malware-returns-on-openvsx-with-3-new-vscode-extensions/
- GlassWorm Malware Campaign Deploys 24 New Packages Across OpenVSX and Microsoft Visual Studio: https://cyberpress.org/glassworm-malware-campaign/
- GlassWorm Malware Targets Developers Through OpenVSX Marketplace: https://hackread.com/glassworm-malware-developers-openvsx-marketplace/
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Aviatrix Zero Trust CNSF is pertinent to the GlassWorm incident as it could have limited the malware's ability to move laterally and exfiltrate data by enforcing strict segmentation and controlled egress policies.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: The CNSF may have constrained the malware's ability to communicate with unauthorized external servers, thereby limiting its reach.
Control: Zero Trust Segmentation
Mitigation: Zero Trust Segmentation would likely have limited the malware's access to sensitive system areas, reducing its ability to escalate privileges.
Control: East-West Traffic Security
Mitigation: East-West Traffic Security could have restricted the malware's ability to move laterally, thereby limiting its spread to other developer environments.
Control: Multicloud Visibility & Control
Mitigation: Multicloud Visibility & Control would likely have identified and constrained unauthorized command and control communications, reducing the malware's operational capabilities.
Control: Egress Security & Policy Enforcement
Mitigation: Egress Security & Policy Enforcement could have limited the malware's ability to exfiltrate sensitive data, thereby reducing data loss.
The implementation of Aviatrix Zero Trust CNSF controls would likely have reduced the overall impact by limiting unauthorized access and data exfiltration.
Impact at a Glance
Affected Business Functions
- Software Development
- Version Control
- Package Management
Estimated downtime: 7 days
Estimated loss: $50,000
GitHub and npm credentials, cryptocurrency wallet data, and sensitive source code.
Recommended Actions
Key Takeaways & Next Steps
- Implement Zero Trust Segmentation to restrict unauthorized access and limit the spread of malware within the network.
- Enhance Threat Detection & Anomaly Response capabilities to identify and respond to unusual activities indicative of compromise.
- Utilize Multicloud Visibility & Control to monitor and manage security policies across diverse cloud environments.
- Enforce Egress Security & Policy Enforcement to control outbound traffic and prevent unauthorized data exfiltration.
- Deploy Inline IPS (Suricata) to detect and prevent known exploit patterns and malicious payloads in network traffic.