GlassWorm, an extremely sophisticated self-propagating malware campaign, has reemerged and continues to threaten the global developer ecosystem, infecting three new extensions on the VS Code platform. According to Koi Security, the first to detect the campaign, the new wave of infections occurred just 16 days after OpenVSX announced it had fully contained the incident on October 21, 2025. This shows that GlassWorm was not only left intact but is also capable of very rapid recovery and expansion.

On November 6, 2025, Koi Security noted that three OpenVSX extensions were infected with GlassWorm: ai-driven-dev.ai-driven-dev, adhamu.history-in-sublime-merge, and yasuyuky.transient-emacs, with nearly 10,000 downloads in total. The infection alone affected some 10,000 computers belonging to programmers and organizations across the U.S., South America, Europe, and Asia, and even involved a major government agency in the Middle East.
GlassWorm’s most dangerous feature is its ability to hide malicious code with invisible Unicode characters. The attacker placed payloads in characters that cannot be seen with the naked eye, so the malicious code “disappears” when the source code is read but is still executed normally by the interpreter. This allows the malicious code to blend seamlessly with valid code, evading both review by programmers and many automated analysis tools.
Beyond that, GlassWorm has also spread to GitHub repositories by stealing authentication information and pushing malicious commits to various repositories. These commits are created with the help of AI, which helps the payload stay hidden in valid code and makes detection even more difficult. GlassWorm’s control infrastructure is designed for longevity: it uses the Solana blockchain as its command-and-control (C2) and update channel. With only extremely low-cost blockchain transactions, the malicious code can automatically receive new endpoints even when the primary control server is disabled.
Despite numerous containment efforts, GlassWorm has remained in stable operation. Data that Koi Security collected from an exposed endpoint showed the scale of the actual damage and provided important clues for tracking the targets that were infiltrated. The re-emergence of GlassWorm is a serious warning about the threat of software supply chain attacks, especially those using increasingly sophisticated code-hiding techniques, and it requires the development community and institutions to actively strengthen source code inspection, monitoring and security.
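
A defender-side check for the hiding technique described above, as an added example that is not from Koi Security or the original article: it scans source text for runs of code points that have no visible glyph and reports where they sit. The classes flagged (Unicode format characters and variation selectors), the `min_run` threshold and the sample input are assumptions made for illustration; the article does not say which characters GlassWorm used.

```python
import unicodedata

# Assumption: which code points count as "invisible" is this example's choice.
def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    # Variation selectors are category Mn, so they need an explicit range check.
    if 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF:
        return True
    # Cf covers zero-width characters, bidi controls, BOM and tag characters.
    return unicodedata.category(ch) == "Cf"


def find_invisible_runs(text: str, min_run: int = 1):
    """Return (line, column, run_length, code_points) per run of invisible chars."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        col = 0
        while col < len(line):
            if not is_invisible(line[col]):
                col += 1
                continue
            end = col
            while end < len(line) and is_invisible(line[end]):
                end += 1
            if end - col >= min_run:
                cps = [f"U+{ord(c):04X}" for c in line[col:end]]
                findings.append((lineno, col + 1, end - col, cps))
            col = end
    return findings


# Constructed sample: line 2 holds a 24-character run that an editor shows as
# an empty string; line 3 holds one selector that legitimately follows an emoji.
SAMPLE = (
    "const greeting = 'hello';\n"
    "const s = '" + "".join(chr(0xFE00 + i % 16) for i in range(24)) + "';\n"
    "const emoji = '\u2764\ufe0f';\n"
)

if __name__ == "__main__":
    # min_run=4 ignores the single emoji selector and keeps the long run.
    for line, col, length, cps in find_invisible_runs(SAMPLE, min_run=4):
        print(f"line {line}, col {col}: {length} invisible code points "
              f"({cps[0]} .. {cps[-1]})")
```

Run with `min_run=1` in a pre-merge check to list every hit for review, and raise the threshold when legitimate emoji or bidirectional text in the code base produces noise.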