Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that evade standard code review.