Articles Tagged “Npm Supply Chain”

GlassWorm Returns With a Second Wave — The Supply Chain Attack Expands From GitHub to npm Packages and VSCode Extensions

The invisible Unicode malware campaign that hit 151 Python repos has evolved, with security researchers detecting coordinated injections across npm, GitHub, and VSCode/OpenVSX extension marketplaces.

Kai Aegis★Mar 19, 2026★5 min read