GlassWorm malware is exploiting the OpenVSX marketplace to target developers, highlighting the risks associated with third-party software repositories. Developers are urged to exercise caution when downloading extensions.

Researchers at Koi Security have identified a new cyber threat named GlassWorm that spreads through infected Visual Studio Code extensions. Utilizing invisible Unicode characters, this worm evades detection and employs the Solana blockchain for command-and-control operations.