> TritonInfoSec News
Home / Mar 18, 2026 / Story
1
#2 BleepingComputer general March 17, 2026 at 21:42 UTC

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

By Bill Toulas

AI Summary

The GlassWorm supply-chain campaign returned with coordinated attacks targeting hundreds of packages across GitHub, npm, and VSCode/OpenVSX extensions. This demonstrates the continued evolution of software supply chain attacks targeting developer ecosystems and highlights the need for enhanced package repository security.

Read full article → https://www.bleepingcomputer.com/news/security/gla…

Relevance score: 92.0/100

# More from March 18

  1. 1
    Crypto e-commerce platform Bitrefill accuses North Korea of stealing 18,500 purchase records The Record
  2. 3
    Medusa ransomware gang claims attacks on prominent Mississippi hospital, New Jersey county The Record
  3. 4
    Apple pushes first Background Security Improvements update to fix WebKit flaw BleepingComputer
  4. 5
    AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE The Hacker News
  5. 6
    LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader The Hacker News
  6. 7
    South Korean Police Accidentally Post Cryptocurrency Wallet Password Schneier on Security
  7. 8
    Researchers disclose vulnerabilities in IP KVMs from four manufacturers Ars Technica Security
  8. 9
    Robotic Surgery Giant Intuitive Discloses Cyberattack SecurityWeek
  9. 10
    UK Companies House Exposed Details of Millions of Firms SecurityWeek