GlassWorm Malware Infiltrates macOS Developer Tools via OpenVSX

A sophisticated new supply chain attack, dubbed GlassWorm, is actively targeting macOS systems by exploiting compromised extensions within the OpenVSX Registry. This campaign poses a significant threat to developers, aiming to exfiltrate highly sensitive data, including passwords, cryptocurrency wallet information, and critical configuration details. Security researchers recently detailed how attackers are leveraging popular, legitimate extensions on OpenVSX—an open-source alternative to the Visual Studio Code Marketplace. Malicious code is injected into these trusted tools, establishing a foothold when a developer installs or updates a tainted extension. Once active, GlassWorm systematically scans for and steals valuable intellectual property and credentials from the infected system. "The stealthy nature of this attack, nestled within commonly used developer tools, makes it particularly insidious and challenging to detect," noted one security analyst. While specific compromised extensions have not been widely publicized to prevent further exploitation, this incident underscores a critical vulnerability in the software supply chain. Developers are now urged to exercise extreme…