GlassWASM Malware Hidden in Open VSX Extensions
ID: 88dae0b6-8f82-5cc3-b626-e2eb17bdb9a5
STIX ID: report--88dae0b6-8f82-5cc3-b626-e2eb17bdb9a5
Feed Name: securityonline.info
Researchers uncovered GlassWASM, a supply-chain malware campaign that trojanized Open VSX Visual Studio Code extensions to deliver a TinyGo-compiled WebAssembly loader. The loader decrypts strings in memory, polls an attacker-controlled Solana wallet for memos to obtain a C2 host (resolved to dodod.lat), and executes OS-specific download-and-execute commands. The packages were removed, but defenders are advised to block the host and wallet, hunt for .wasm-as-extension loaders, monitor for Node/PowerShell spawning download commands, and rotate exposed credentials.
