Cyber: Update: GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the GlassWorm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. Six of the extensions have been activated and deliver malware, while researchers assess with high confidence that the rest are dormant or at least suspicious. The extensions are benign when first uploaded and deliver the payload only at a later stage, revealing the attacker's true intention. “This count may change as new updates continue to appear, but the pattern is consistent with earlier GlassWorm waves,” say researchers at application security company Socket.

GlassWorm is an ongoing supply chain attack campaign first observed in October, initially using invisible Unicode characters to hide malicious code that steals cryptocurrency wallets and developer credentials. It has since expanded across multiple ecosystems, including GitHub repositories, npm packages, and both the Visual Studio Code Marketplace and OpenVSX. The campaign has also been observed targeting macOS users with trojanized crypto wallet clients.

A recent wave in mid-March 2026 showed significant scale, affecting hundreds of repositories and dozens of extensions. However, operations at that scale can be noisy and leave multiple traces: multiple distinct research teams caught the activity early and helped block it.

Source: BleepingComputer