this post was submitted on 23 Oct 2025
10 points (100.0% liked)

VS Code

1035 readers
1 users here now

founded 2 years ago
MODERATORS
Ategon@programming.dev
Lodra@programming.dev
10
GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog (www.koi.ai)
submitted 5 days ago by Kissaki@programming.dev to c/vscode@programming.dev
2 comments fedilink hide all child comments
 

Alternative press article: https://www.bleepingcomputer.com/news/security/self-spreading-glassworm-malware-hits-openvsx-vs-code-registries/

Identified extensions are mainly on OpenVSX - an alternative VS Code Extension Marketplace.

Update (Oct 19, 2025): A new infected extension detected in Microsoft's VSCode marketplace - still active.

Bleepingcomputer:

Microsoft has removed the malicious extension frrom its marketplace following the researchers' alert.

you are viewing a single comment's thread
view the rest of the comments
[–] odelik@lemmy.today 1 points 5 days ago

It's leaps and bounds better than the Bleeping Computer AI written article. At least the Koi article appears to have utilitized original notes and an editing pass.