GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

SITREP: The GlassWorm malware campaign has resurfaced, now targeting the OpenVSX ecosystem through 73 'sleeper' extensions that activate malicious behavior following updates. This resurgence indicates a strategic shift in the malware's deployment method. TACTICAL ASSESSMENT: The use of sleeper extensions suggests an advanced tactic to evade detection and maintain persistence within software ecosystems. This could lead to increased vulnerabilities in software supply chains, raising concerns for cybersecurity across multiple sectors. PROJECTED VECTORS: Future attacks may expand to other software ecosystems or exploit additional vulnerabilities as the malware evolves.