New GlassWorm malware wave targets Macs with trojanized crypto wallets
The GlassWorm malware campaign has launched a fourth wave targeting macOS developers through trojanized VS Code extensions in OpenVSX and the Microsoft Visual Studio Marketplace. The malware steals developer credentials, cryptocurrency wallet data, browser...
My Take: If your developers are installing VS Code extensions without vetting them, your supply chain security controls are theoretical at best. This is exactly the kind of attack path your ISO 27001 asset management and SOC 2 change management controls should catch—but only if you're actually enforcing them beyond the policy doc.