GLASSWORM has evolved again, this time using a Zig-based dropper hidden in a fake IDE extension to spread across multiple developer tools, according to Aikido. Active since 2025, the campaign has moved from malicious npm packages to large-scale supply chain attacks across GitHub, npm and VS Code, even deploying RATs via fake browser extensions.
In the latest iteration, threat actors used a malicious OpenVSX extension impersonating WakaTime, bundling a Zig-compiled binary that acts as a stealthy dropper rather than the payload itself, infecting all detected IDEs on a system. The binary runs outside the JavaScript sandbox with full system access, downloads a fake extension from GitHub, and installs it across IDEs like VS Code, Cursor and VSCodium before deleting traces.
The second-stage extension is the known GlassWorm dropper: it communicates with a Solana-based C2 and can steal data while installing a persistent RAT, including a malicious Chrome extension. If you see specstudio/code-wakatime-activity-tracker or floktokbok[.]autoimport in your IDE, treat the machine as compromised and rotate any exposed credentials.
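One way to run that check across the three IDEs named above is the following added example (not code from Aikido or from the original report). It assumes the default per-user extension folders and the usual `publisher.name-version` folder naming; `PAGE_IOCS`, `DEFAULT_DIRS`, `normalize` and `scan` are names chosen for this sketch.

```python
import re
from pathlib import Path

# Identifiers exactly as printed in the report (one is defanged with "[.]").
PAGE_IOCS = ["specstudio/code-wakatime-activity-tracker", "floktokbok[.]autoimport"]

# Assumption: default per-user extension folders; portable or custom installs differ.
DEFAULT_DIRS = {
    "VS Code": "~/.vscode/extensions",
    "Cursor": "~/.cursor/extensions",
    "VSCodium": "~/.vscode-oss/extensions",
}

def normalize(ioc):
    """Turn 'namespace/name' or defanged 'publisher[.]name' into on-disk 'publisher.name'."""
    return ioc.replace("[.]", ".").replace("/", ".").lower()

def scan(ext_dirs, iocs=PAGE_IOCS):
    """Return sorted (ide, folder_name) pairs for installed extensions matching an IoC."""
    # Installed extensions live in folders named publisher.name-version[-platform].
    # Requiring a digit after the hyphen avoids matching longer, unrelated names.
    patterns = [re.compile(re.escape(normalize(i)) + r"-\d") for i in iocs]
    hits = []
    for ide, raw in ext_dirs.items():
        root = Path(raw).expanduser()
        if not root.is_dir():
            continue  # this IDE is not installed for the current user
        for entry in root.iterdir():
            if entry.is_dir() and any(p.match(entry.name.lower()) for p in patterns):
                hits.append((ide, entry.name))
    return sorted(hits)

if __name__ == "__main__":
    found = scan(DEFAULT_DIRS)
    for ide, name in found:
        print(f"[!] {ide}: {name}")
    if found:
        print(f"{len(found)} match(es): treat the machine as compromised and rotate credentials")
    else:
        print("no listed extension folders found in the default locations")
```

An empty result only means these folder names are absent from the default locations for the current user; other profiles and custom extension directories need their own pass.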