Four established extensions on the Open VSX Registry, a marketplace for VS Code extensions, were hijacked in a supply chain attack that injected GlassWorm malware after attackers used compromised developer credentials. The campaign began on 30 January 2026, and the affected extensions (FTP/SFTP/SSH Sync Tool, I18n Tools, vscode mindmap, and scss to css-compile) had accumulated over 22,000 downloads before being poisoned.
The malicious updates were published under the account of “oorzc,” an author with a history of maintaining legitimate tools. The Open VSX security team assessed the activity as consistent with a leaked token or other unauthorized access.
The embedded payload, dubbed GlassWorm, is a multi‑stage threat designed for stealth and persistence, including decryption and runtime execution of embedded code, Russian-locale avoidance, and Solana blockchain–based dead drops for C2 instructions. It targets macOS developers’ credentials and configuration, including ~/.aws and ~/.ssh, and can harvest data from local wallets, keychains, cookies, and VPN configuration files.
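For triage on a developer workstation, the following added example (not code from Open VSX or from the report) inventories locally installed extensions whose manifest names the publisher "oorzc". It assumes the account name matches the `publisher` field in each extension's `package.json` and that extensions live in the listed default per-user directories; both are assumptions, not details from the report.

```python
import json
from datetime import datetime, timezone
from pathlib import Path

# Publisher account named in the report. Assumption: it equals the
# "publisher" field in each extension's package.json.
SUSPECT_PUBLISHERS = {"oorzc"}

# Assumed default per-user extension directories (VS Code, VSCodium, Cursor).
DEFAULT_ROOTS = [Path.home() / d / "extensions"
                 for d in (".vscode", ".vscode-oss", ".cursor")]


def find_suspect_extensions(roots, publishers=SUSPECT_PUBLISHERS):
    """Return one record per installed extension whose publisher is listed."""
    wanted = {p.lower() for p in publishers}
    hits = []
    for root in map(Path, roots):
        if not root.is_dir():
            continue
        for ext_dir in sorted(root.iterdir()):
            manifest = ext_dir / "package.json"
            try:
                meta = json.loads(manifest.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                continue  # not an extension folder, or unreadable manifest
            if not isinstance(meta, dict):
                continue
            if str(meta.get("publisher", "")).lower() not in wanted:
                continue
            mtime = datetime.fromtimestamp(manifest.stat().st_mtime, timezone.utc)
            hits.append({
                "path": str(ext_dir),
                "id": f'{meta.get("publisher")}.{meta.get("name")}',
                "version": str(meta.get("version", "unknown")),
                "manifest_mtime_utc": mtime.isoformat(timespec="seconds"),
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspect_extensions(DEFAULT_ROOTS):
        print(json.dumps(hit))
```

A hit is a lead for review, not a verdict: the report does not list which versions were poisoned, so compare the manifest timestamp against the 30 January 2026 campaign start and check the registry's own advisory.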