GlassWorm Attack Exploits Stolen GitHub Tokens to Infiltrate Python Repositories
- Mar 16
Key Findings
* GlassWorm malware campaign targeting Python repositories
* Attackers use stolen GitHub tokens to force-push malicious code
* Targets Python projects including Django apps, ML code, and PyPI packages
* Earliest injections traced to March 8, 2026
* Uses a new offshoot called "ForceMemo"
* Leverages malicious VS Code and Cursor extensions to steal credentials
* Payload includes cryptocurrency theft and data exfiltration capabilities
Background
The GlassWorm attack represents a sophisticated software supply chain threat targeting Python developers and repositories. The campaign compromises developer systems through malicious Visual Studio Code and Cursor extensions, with the primary goal of stealing GitHub authentication tokens and injecting malware into open-source projects.
Attack Methodology
The attack follows a precise four-step process:
* Compromise developer systems using malicious VS Code extensions
* Steal GitHub credentials and tokens
* Force-push malicious changes to repositories
* Inject obfuscated malware into critical Python files
Payload Characteristics
The malware payload has several distinctive features:
* Base64-encoded injection
* Locale-based execution check (skips if system locale is Russian)
* Retrieves additional instructions from a specific Solana wallet
* Designed to steal cryptocurrency and system data
Technical Sophistication
The attackers demonstrate advanced techniques:
* Preserves original commit messages and author information
* Rewrites git history without leaving visible traces
* Uses transitive distribution models
* Regularly updates payload URLs
* Leverages invisible Unicode character obfuscation
Infrastructure
The campaign uses a single, consistent Solana wallet (BjVeAjPrSKFiingBn4vZvghsGj9KCE8AJVtbc9S8o8SC) as its command-and-control infrastructure, with transaction history dating back to November 27, 2025.
Potential Impact
The attack potentially compromises hundreds of Python repositories, posing significant risks to developers and organizations relying on open-source software. Researchers warn that simply cloning or installing code from affected repositories could trigger malware execution.
Detection and Mitigation
Organizations are advised to:
* Carefully audit GitHub repository changes
* Use robust token management practices
* Implement strict extension validation
* Monitor for unusual force-push activities
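The first of these audits can be partly automated. The following is an added example (not from the article or the researchers) of a small Python checker for the two payload traits the summary describes: invisible Unicode characters hiding code, and a base64 blob fed into exec(). The Unicode ranges and the sample "infected" file are constructed assumptions; the article does not name the exact characters the campaign uses.

```python
import re
import unicodedata

# Invisible or format code points that can hide code in a normal-looking
# file (a constructed list of common Unicode ranges; the article does not
# name the exact characters the campaign uses).
INVISIBLE_RANGES = (
    (0x200B, 0x200F),    # zero-width space/joiner/non-joiner, LRM, RLM
    (0x2060, 0x2064),    # word joiner and invisible operators
    (0xFEFF, 0xFEFF),    # zero-width no-break space
    (0x3164, 0x3164),    # Hangul filler
    (0xFFA0, 0xFFA0),    # halfwidth Hangul filler
    (0xFE00, 0xFE0F),    # variation selectors
    (0xE0000, 0xE007F),  # Unicode tag characters
    (0xE0100, 0xE01EF),  # variation selectors supplement
)
# exec()/eval() fed from base64.b64decode(...) is the classic loader shape;
# a long unbroken base64 literal is worth a look on its own.
B64_LOADER = re.compile(r"\b(exec|eval)\s*\(.*?b64decode\s*\(", re.S)
LONG_B64 = re.compile(r"['\"][A-Za-z0-9+/]{120,}={0,2}['\"]")


def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES):
        return True
    return unicodedata.category(ch) == "Cf"  # any other format character


def scan_source(text: str) -> dict:
    """Flag one Python file's text; returns positions of hidden characters
    plus the base64-loader and long-literal indicators."""
    hidden = [(n, f"U+{ord(c):04X}")
              for n, line in enumerate(text.splitlines(), start=1)
              for c in line if is_invisible(c)]
    loader = B64_LOADER.search(text) is not None
    long_b64 = len(LONG_B64.findall(text))
    return {"invisible": hidden, "b64_loader": loader, "long_b64": long_b64,
            "suspicious": bool(hidden) or loader or long_b64 > 0}


# Constructed samples: a settings-style file with an appended one-line
# loader (payload is an inert base64 of print('hi')) padded with zero-width
# spaces, and the same file without it.
SAMPLE_INFECTED = (
    "DEBUG = False\nALLOWED_HOSTS = ['example.invalid']\n"
    "import base64;exec(base64.b64decode('cHJpbnQoJ2hpJyk='))\u200b\u200b\n"
)
SAMPLE_CLEAN = "DEBUG = False\nALLOWED_HOSTS = ['example.invalid']\n"
```

Run scan_source over every .py file touched by a suspicious push (for example the diff between the reflog's previous tip and the new head) and treat any "suspicious" result as a reason to block the merge and rotate the tokens involved.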
Sources
https://thehackernews.com/2026/03/glassworm-attack-uses-stolen-github.html
https://x.com/TheCyberSecHub/status/2033631785251442730
https://www.reddit.com/r/SecOpsDaily/comments/1rvkgxx/glassworm_attack_uses_stolen_github_tokens_to/