A fake developer extension published on the OpenVSX marketplace is silently spreading a known malware strain called GlassWorm to every code editor installed on a developer\u2019s machine. <\/p>\n
The malicious package disguises itself as a legitimate productivity tool and uses a compiled native binary to quietly infect VS Code, Cursor, Windsurf, and several other editors all at once.\u200b<\/p>\n
GlassWorm is not a new threat. It was first spotted in March 2025, hiding malicious payloads inside invisible Unicode characters embedded in npm packages. <\/p>\n
Over the past year, the campaign grew steadily, hitting hundreds of projects on GitHub, npm, and VS Code. <\/p>\n
Before this latest wave, its most damaging move was deploying a persistent Remote Access Trojan<\/a> through a fake Chrome extension that logged keystrokes and stole session cookies from victims.\u200b<\/p>\n Aikido security analysts, who have been tracking the GlassWorm campaign<\/a> for over a year, identified this latest technique in April 2026. <\/p>\n The attack was found hidden inside an OpenVSX extension called\u00a0 On the surface, the extension is nearly identical to the real WakaTime productivity tool \u2014 it shows the same command options, the same API key prompts, and the same status bar icons that developers are familiar with.\u200b<\/p>\n What separates this attack from earlier GlassWorm versions<\/a> is the use of Zig-compiled native binaries. On Windows, the extension ships a file called\u00a0 On macOS, it includes\u00a0 The attack does not stop at a single editor. Once the binary runs, it scans the machine for every IDE that supports VS Code\u2019s extension format \u2014 including VS Code, VS Code Insiders, Cursor, Windsurf, VSCodium, and Positron \u2014 and silently installs a malicious extension into each one. <\/p>\n A developer running Cursor with VS Code also installed would find both environments quietly compromised with no visible warning.\u200b<\/p>\n The infection begins the moment a developer installs\u00a0 Before any legitimate WakaTime code gets a chance to run, the function loads either\u00a0 The native binary then contacts a GitHub Releases page controlled by the attacker and downloads a malicious\u00a0 This package is designed to look like\u00a0 After the installation completes, the downloaded file is deleted to remove any trace of it.\u200b<\/p>\n The second-stage extension is the same GlassWorm dropper that Aikido has been analyzing throughout the campaign\u2019s history. It avoids executing on machines that use Russian system settings, pointing to a deliberate choice by its authors. <\/p>\n Once active, it beacons to a command-and-control server<\/a> that operates through the Solana blockchain, making it more difficult for security teams to block or monitor. <\/p>\n The malware then quietly exfiltrates data from the infected machine and installs a persistent RAT alongside a malicious Chrome extension.\u200b<\/p>\n Developers should check their IDE extension lists immediately for\u00a0 If either appears in any installed editor, the machine should be treated as fully compromised. All credentials, API keys, and stored secrets accessible from that environment should be rotated right away. <\/p>\n Any code repositories connected to the affected machine should also be reviewed for signs of tampering, as the attacker had full system access during the infection window.\u200b<\/p>\n Follow us on\u00a0Google News<\/a>,\u00a0LinkedIn<\/a>,\u00a0and\u00a0X<\/a>\u00a0to Get More Instant Updates<\/strong>,\u00a0Set CSN as a Preferred Source in\u00a0Google<\/a>.<\/strong><\/p>\n The post Trojanized OpenVSX Extension Spreads GlassWorm Across VS Code, Cursor, and Windsurf<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\ncode-wakatime-activity-tracker<\/code>, published under the\u00a0specstudio<\/code>\u00a0account. <\/p>\nwin.node<\/code>, a PE32+ DLL. <\/p>\nmac.node<\/code>, a universal Mach-O binary that runs on both Intel and Apple Silicon hardware. These files load directly into Node.js\u2019s runtime and operate with full access to the operating system, outside the reach of standard sandbox protections.\u200b<\/p>\nHow the Multi-IDE Infection Works<\/strong><\/h2>\n
code-wakatime-activity-tracker<\/code>. The extension\u2019s\u00a0activate()<\/code>\u00a0function, which is supposed to start up the WakaTime tool, has been quietly altered by the attacker. <\/p>\nwin.node<\/code>\u00a0or\u00a0mac.node<\/code>\u00a0from the extension\u2019s bundled\u00a0.\/bin\/<\/code>\u00a0directory and immediately calls\u00a0install()<\/code>. That single call triggers everything that follows.\u200b<\/p>\n.vsix<\/code>\u00a0file named\u00a0autoimport-2.7.9<\/code>. <\/p>\nsteoates.autoimport<\/code>, a popular VS Code extension used by millions of developers. Once downloaded, the file is silently force-installed into every IDE found on the machine using each editor\u2019s own command-line installer. <\/p>\n![\"Second-Stage](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgtPzQ9T7TB7YUD8v8uuTGtyAuqCez8u3tpr3Djz8-9lWBsRtzND2G0iDRmfn8qkF1pKb2EES01vSNjiRyxDUkNuSVZy_J-xeRuD-mkFng6xhGppUijEMXkc8GU3vzBWC76wwfKg1JUshL_pzmDYYty5MJOWlecwO4qOq9JTR4jOcEWc2XbUjCunDYa8jE\/s16000\/Second-Stage%2520Extension%2520%28Source%2520-%2520Aikido%29.webp?ssl=1\")
specstudio\/code-wakatime-activity-tracker<\/code>\u00a0and\u00a0floktokbok.autoimport<\/code>. <\/p>\n