Alternative press article: https://www.bleepingcomputer.com/news/security/self-spreading-glassworm-malware-hits-openvsx-vs-code-registries/
Identified extensions are mainly on OpenVSX - an alternative VS Code Extension Marketplace.
Update (Oct 19, 2025): A new infected extension detected in Microsoft’s VSCode marketplace - still active.
Bleepingcomputer:
Microsoft has removed the malicious extension frrom its marketplace following the researchers’ alert.
Interesting worm, good that it’s found. Dislike the AI-written sensationalistic article at Koi (their work is still good), so I appreciate the addition of the article from Bleeping Computer.
It’s leaps and bounds better than the Bleeping Computer AI written article. At least the Koi article appears to have utilitized original notes and an editing pass.
