Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments (IDEs) on a developer's machine.
The technique has been discovered in an Open VSX extension named "specstudio.code-wakatime-activity-tracker," which masquerades as WakaTime, a



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/04/glassworm-campaign-uses-zig-dropper-to.html