Cybersecurity Today Cybersecurity Today: New Threats from AI and Code Extensions
Oct 24, 2025
A new self-spreading malware called 'Glass Worm' has been discovered hidden in popular Visual Studio Code extensions, leading to major security concerns. It stealthily steals developer credentials by using invisible characters. In addition, AI-powered IDEs have significant flaws, putting millions of developers at risk. A recent survey indicates that AI-driven attacks will surpass ransomware as the primary cybersecurity worry by 2026. Experts provide crucial advice for developers on mitigating these emerging threats.
AI Snips
Chapters
Transcript
Episode notes
Glassworm Hidden In VS Code Extensions
- Jim Love describes the Glassworm discovered in VS Code extensions that had 35,000+ downloads before detection.
- He explains how malicious JavaScript hid in invisible Unicode and stole credentials, drained crypto, and turned machines into proxies.
Invisible Unicode Enables Stealthy Malware
- The worm used invisible Unicode variation selectors so code looked like blank lines to humans and scanners.
- However, AI systems executed the hidden characters as code, enabling stealthy, AI-aware malware.
Immediate Steps For Developer Machines
- Inventory all installed VS Code extensions and compare them to Koi Security's affected list immediately.
- Turn off automatic updates and allow-list only approved extensions until the threat is contained.