TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

By rooter

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer’s resources to push malicious updates to downstream users.
“On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm

Oh hi there đŸ‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there đŸ‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

rooter
Cyber Security

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

rooter
Cyber Security

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

rooter

Leave a Reply

You Missed

News

NASA says it needs to haul the Artemis II rocket back to the hangar for repairs

News

An Unbothered Jimmy Wales Calls Grokipedia a ‘Cartoon Imitation’ of Wikipedia

News

The ‘Mutant Mayhem 2’ Release Date Will Shift Until Morale Improves

News

Arturia’s FX Collection 6 adds two new effects and a $99 intro version