1 comment

[ 2.8 ms ] story [ 10.7 ms ] thread
CrowdStrike, Google, and Shadowserver disrupted GlassWorm command-and-control on 2026-05-26 after the campaign used Open VSX extensions, npm and Python packages, and poisoned GitHub repositories to maintain access to developer systems.