TI Mindmap HUB
Threat Intelligence Report

GlassWorm Loader Hits Open VSX via Developer Account Comprom...

๐Ÿ“… February 1, 2026 ๐Ÿ“ฐ socket.dev ๐Ÿ” 0 CVE(s) referenced

Threat actors compromised a trusted Open VSX developer account to distribute malicious extensions embedding the GlassWorm loader, enabling staged credential and wallet theft, cloud compromise, and persistent macOS infection while evading detection and leveraging blockchain-based command and control.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle