GlassWorm, a worm infecting extensions on both the Open VSX Registry and Microsoft’s official marketplace, recently spread through the Visual Studio Code ecosystem, embedding itself into popular extensions and silently compromising developer environments (IT News, 2025).
For DevOps teams, trusted tools like Visual Studio Code (VS Code) are part of the daily workflow, but in October GlassWorm turned that trust into a liability. Spotted by Koi Security researchers, the worm slipped into 14 extensions (13 from Open VSX and one from the Microsoft Extension Marketplace), infecting tens of thousands of machines. Once installed, GlassWorm steals credentials for GitHub, npm, and Open VSX accounts (Koi.ai, 2025). It siphons crypto from 49 wallet extensions. It even installs proxies and hidden VNC servers to quietly turn developer machines into launchpads for broader attacks. And it spreads autonomously.
GlassWorm followed closely on the heels of Shai-Hulud, a self-spreading worm discovered in mid-September that compromised the npm JavaScript package ecosystem. Shai-Hulud marked a turning point by targeting the registry-level infrastructure used by developers globally. In less than 30 days, GlassWorm took the concept further, moving from package registries to development environments, targeting the very tools used to build and ship software. Threat actors escalated further, weaponizing the development environment itself.
The Catch-22 of DevOps is that auto-updating tools and libraries are essential for keeping code fresh and secure. But GlassWorm exploited that very speed. No pop-ups. No prompts. No warnings. As soon as the affected extensions were updated, the worm got to work. What made the malware especially hard to spot was its use of Unicode variation selectors: invisible characters that hid malicious code from view. To human reviewers and most scanning tools, it appeared to be harmless text.
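As an added illustration (not code from the article, from Koi Security, or from any GlassWorm sample), the following Python scanner surfaces the kind of invisible characters described above: it walks an extension directory and reports runs of Unicode variation selectors and zero-width characters in source files so a reviewer can look at what an editor would never show. The code point ranges, file suffixes, run-length threshold and sample inputs are assumptions made for this example; the article does not describe how the payload was encoded, and the scanner only flags the invisible characters, it does not decode anything.

```python
"""Flag runs of invisible Unicode characters (variation selectors, zero-width
characters) in extension source files so a reviewer can inspect them.

Added illustration, not GlassWorm's payload format or any vendor's tool.
"""
from __future__ import annotations

import sys
from pathlib import Path
from typing import NamedTuple

# Code point ranges that render as nothing on their own. Assumed list for this
# example; variation selectors are the class the GlassWorm reports call out.
INVISIBLE_RANGES = (
    (0xFE00, 0xFE0F),    # Variation Selectors VS1-VS16
    (0xE0100, 0xE01EF),  # Variation Selectors Supplement VS17-VS256
    (0x200B, 0x200F),    # zero-width space/joiners, bidi marks
    (0x2060, 0x2064),    # word joiner and invisible operators
)

# Source file types an extension typically ships; assumed for this example.
SOURCE_SUFFIXES = {".js", ".mjs", ".cjs", ".ts", ".json"}


def is_invisible(ch: str) -> bool:
    """True if the code point draws nothing when rendered by itself."""
    cp = ord(ch)
    return any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES)


class Finding(NamedTuple):
    line: int        # 1-based line number
    col: int         # 1-based column where the run starts
    first: str       # first code point of the run, e.g. "U+FE01"
    run: int         # number of consecutive invisible characters


def scan_text(text: str) -> list[Finding]:
    """Return every run of consecutive invisible characters in `text`."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        i = 0
        while i < len(line):
            if not is_invisible(line[i]):
                i += 1
                continue
            start = i
            while i < len(line) and is_invisible(line[i]):
                i += 1
            findings.append(Finding(lineno, start + 1, f"U+{ord(line[start]):04X}", i - start))
    return findings


def suspicious(findings: list[Finding], min_run: int = 4) -> list[Finding]:
    """Keep runs long enough to carry hidden content. A single VS16 after an
    emoji (e.g. U+2764 U+FE0F) is legitimate, so short runs are dropped.
    The threshold is an assumption; tune it for your code base."""
    return [f for f in findings if f.run >= min_run]


def scan_directory(root: Path, min_run: int = 4) -> dict[Path, list[Finding]]:
    """Scan every source file under `root` (e.g. ~/.vscode/extensions)."""
    report: dict[Path, list[Finding]] = {}
    for path in root.rglob("*"):
        if path.suffix.lower() not in SOURCE_SUFFIXES or not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        hits = suspicious(scan_text(text), min_run)
        if hits:
            report[path] = hits
    return report


# Constructed samples. The second line hides eight invisible code points after
# an innocuous statement; nothing is visibly different in an editor.
SAMPLE_CLEAN = (
    "// I love VS Code \u2764\ufe0f\n"     # heart + VS16: a legitimate single selector
    "const greeting = 'hello';\n"
)
SAMPLE_SUSPECT = (
    "const config = { retries: 3 };\n"
    "const title = 'status';"
    "\ufe01\ufe02\ufe03\U000e0100\U000e0101\ufe0e\ufe02\ufe05\n"
    "module.exports = config;\n"
)


if __name__ == "__main__":
    # Usage: python invisible_scan.py [directory]
    # With no argument, scan the constructed samples instead.
    if len(sys.argv) > 1:
        for path, hits in scan_directory(Path(sys.argv[1])).items():
            for f in hits:
                print(f"{path}:{f.line}:{f.col}: {f.run} invisible chars starting {f.first}")
    else:
        for name, text in (("clean", SAMPLE_CLEAN), ("suspect", SAMPLE_SUSPECT)):
            print(name, suspicious(scan_text(text)))
```

Pointing the script at a VS Code extensions directory gives a file, line and column for every run of invisible characters. Legitimate single selectors after emoji are filtered by the run-length threshold, so what remains is a short list for a human to open in a hex view rather than a text editor.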
Rather than rely on a centralized server that can be traced and taken down, GlassWorm embedded its command-and-control signals in Solana blockchain transactions. It used the memo field in a wallet transaction to store instructions. If that failed, it reached for a backup: Google Calendar events laced with base64 commands. For defenders, this means that traditional threat-hunting techniques are ineffective. You can’t block a blockchain. You can’t take down a calendar.
This incident shows how attackers are targeting the start of the software lifecycle, not the end. In the past, security teams focused on production environments and cloud workloads. But if an attacker controls your code before it’s even pushed, what happens in staging or prod is beside the point. And developers are soft targets. Most lack endpoint monitoring. Few run antivirus software on their machines. Fewer still have guardrails around the extensions they install.
As of this writing, GlassWorm remains under active investigation. Koi Security has tracked its spread to over 35,800 downloads. The infected extensions were pulled, but with the stolen credentials in play, more seeded packages may already be circulating.