Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time gathering downloads and infecting people’s computers.
bitnewsbot

GlassWorm Worm Targets VS Code Extensions in Major Supply Chain Attack

On October 17, 2025, Cybersecurity researchers identified a self-spreading worm named GlassWorm infecting Visual Studio Code (VS Code) extensions available on the Open VSX Registry and Microsoft ...
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
SecurityWeek

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware

The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns. Visual Studio developers are targeted with a self-propagating worm in a ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
GitHub

Legacy Avalonia AXAML Viewer Visual Studio Extension

Yes, the same Avalonia GUI Previewer and syntax highlighter that you've grown to love under the MIT license. The fork preserves the legacy Avalonia Visual Studio Extension at git hash, 7bf4941, ...