New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new GlassWorm malware attack targets macOS systems via compromised OpenVSX extensions, aiming to steal passwords, crypto-wallet data, and developer credentials. The threat actor compromised a developer account and pushed malicious updates to four extensions, which were downloaded 22,000 times. The malware uses invisible Unicode characters to hide its malicious code and supports VNC-based remote access and SOCKS proxying. Developers who downloaded the malicious releases should perform a full system clean-up and rotate all their secrets and passwords.