Researchers at Aikido Security discovered 151 malicious packages uploaded to GitHub, NPM, and Open VSX between March 3–9, 2026, as part of a supply-chain attack campaign attributed to a group called Glassworm. The packages use invisible Unicode characters to hide malicious code from editors, terminals, and code review tools, rendering traditional defenses ineffective. The visible portions of the packages are high quality—featuring realistic documentation tweaks, version bumps, and bug fixes—leading researchers to suspect the attackers are using LLMs to generate convincing cover. Security firm Koi independently confirmed tracking the same group and also suspects AI involvement.
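As an added defensive example (not code from Aikido, Koi, or the packages described), a small scanner that flags the classes of code points most likely to hide text from a reviewer: Unicode format characters (zero-width characters, bidirectional overrides, tag characters) and variation selectors. The code-point sets and the sample snippet are constructed for this example; the article does not say which characters the campaign used.

```python
import unicodedata

# Constructed deny-list of visibly blank characters outside the Cf category.
EXTRA_INVISIBLE = {
    0x115F, 0x1160,   # Hangul choseong / jungseong fillers
    0x3164, 0xFFA0,   # Hangul filler, halfwidth Hangul filler
    0x2800,           # Braille pattern blank
}

def is_suspicious(cp: int) -> bool:
    """True if a code point renders as nothing (or reorders text) in most editors."""
    if cp < 0x80:
        return False                      # plain ASCII is never flagged
    if cp in EXTRA_INVISIBLE:
        return True
    if unicodedata.category(chr(cp)) == "Cf":
        return True                       # zero-width chars, bidi overrides, tag chars
    if 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF:
        return True                       # variation selectors: invisible, 16-256 values each
    return False

def scan_source(text: str):
    """Report every suspicious code point with its 1-based line and column."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            cp = ord(ch)
            if is_suspicious(cp):
                findings.append({
                    "line": lineno,
                    "col": col,
                    "codepoint": f"U+{cp:04X}",
                    "name": unicodedata.name(ch, "<unnamed>"),
                })
    return findings

def visible_text(text: str) -> str:
    """What a reviewer would see; diff against the original to measure what is hidden."""
    return "".join(ch for ch in text if not is_suspicious(ord(ch)))

# Constructed sample: an ordinary-looking patch carrying hidden payload characters.
SAMPLE = (
    "const version = '1.2.3';\n"
    "// fix: handle empty input\u200b\u200b\u200c\n"   # zero-width space / non-joiner
    "function load() {\n"
    "  return 'ok';\u202e\n"                           # right-to-left override
    "}\n"
    "const x = '\U000E0061\U000E0062';\n"              # Unicode tag characters
)

if __name__ == "__main__":
    for f in scan_source(SAMPLE):
        print(f"{f['line']}:{f['col']} {f['codepoint']} {f['name']}")
```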