New Research: Trojanized Open VSX extensions are shipping GlassWASM, a new WebAssembly malware variant.
It hides malware logic in TinyGo-compiled WASM and pulls C2 instructions from Solana transaction memos.
socket.dev/blog/glasswa...
The trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.
