Cross icon
Test your LLM for oversharing! Test for real-world oversharing risks with role-specific prompts that mimic real workplace questions. FREE - Start Now
protect icon

A new era requires a new set of solutions
Knostic delivers it

Skip to main content
Get Started
Skip to main content
Book a Demo

New Malware, New Problems for IDEs and AI Coding Agents

Knostic Team
by Knostic Team
19 October 2025

Contents

A new malware campaign shows how vulnerable IDEs and AI coding agents have become as part of today’s attack surface.

Ongoing Attacks on Developer Environments

Developers are once again being targeted, this time by a self-propagating malware campaign spreading through VS Code extensions.

GlassWorm, discovered by Koi Security, is a malware that exploits the OpenVSX registry, which supplies both standard VS Code IDEs and AI coding assistants like Cursor and Windsurf.

By abusing compromised developer accounts, attackers upload infected extensions that automatically spread to others, turning the IDE into a delivery mechanism.

Propagation Through Compromised Accounts

The GlassWorm campaign propagates through the OpenVSX registry using compromised developer accounts, the first time this has been observed at scale in IDE ecosystems.

The malware scans for developer credentials, npm tokens, and crypto wallets (roughly 49 formats) that can be reused to update npm or extension packages. It hides loader code with invisible Unicode and PUA characters, and its payload updates through Solana blockchain transactions.

Malicious Extensions Still on the Marketplace

Some compromised extensions remain live on the marketplace even after warnings. One listing even includes a developer’s own disclaimer not to install it, yet it remains available. This persistence shows how weak validation processes in open registries allow malicious uploads to linger.

Reach more about this on our next blog: Open Marketplaces: The Good, the Bad, and The Dangerous

Expanding the Attack Surface

This campaign highlights how developer workstations and AI coding tools have become fully privileged, high-value attack surfaces, the next frontier after browsers and endpoints.

Real-Time Detection with Kirin

In the video below, see how Kirin by Knostic detects an infected extension the moment it’s installed. The user is alerted instantly and guided to remove it, stopping the threat before it spreads.

 

Learn More

Knostic protects developers and AI coding agents against attacks like these.
Learn more: https://www.getkirin.com/

For practical steps to defend against IDE-targeted malware and protect AI-assisted development, see our blog How to Spot and Analyze Malicious VS Code Extensions

Data Leakage Detection and Response for Enterprise AI Search

Learn how to assess and remediate LLM data exposure via Copilot, Glean and other AI Chatbots with Knostic.

Get Access

Mask group-Oct-30-2025-05-23-49-8537-PM

The Data Governance Gap in Enterprise AI

See why traditional controls fall short for LLMs, and learn how to build policies that keep AI compliant and secure.

Download the Whitepaper

data-governance

Rethinking Cyber Defense for the Age of AI

Learn how Sounil Yu’s Cyber Defense Matrix helps teams map new AI risks, controls, and readiness strategies for modern enterprises.

Get the Book

Cyber Defence Matrix - cover

Extend Microsoft Purview for AI Readiness

See how Knostic strengthens Purview by detecting overshared data, enforcing need-to-know access, and locking down AI-driven exposure.

Download the Brief

copilot-img

Build Trust and Security into Enterprise AI

Explore how Knostic aligns with Gartner’s AI TRiSM framework to manage trust, risk, and security across AI deployments.

Read the Brief

miniature-4-min

Real Prompts. Real Risks. Real Lessons.

A creative look at real-world prompt interactions that reveal how sensitive data can slip through AI conversations.

Get the Novella

novella-book-icon

Stop AI Data Leaks Before They Spread

Learn how Knostic detects and remediates oversharing across copilots and search tools, protecting sensitive data in real time.

Download the Brief

LLM-Data-min

Accelerate Copilot Rollouts with Confidence

Equip your clients to adopt Copilot faster with Knostic's AI security layer, boosting trust, compliance, and ROI.

Get the One-Pager

cover 1

Reveal Oversharing Before It Becomes a Breach

See how Knostic detects sensitive data exposure across copilots and search, before compliance and privacy risks emerge.

View the One-Pager

cover 1

Unlock AI Productivity Without Losing Control

Learn how Knostic helps teams harness AI assistants while keeping sensitive and regulated data protected.

Download the Brief

safely-unlock-book-img

Balancing Innovation and Risk in AI Adoption

A research-driven overview of LLM use cases and the security, privacy, and governance gaps enterprises must address.

Read the Study

mockup

Secure Your AI Coding Environment

Discover how Kirin prevents unsafe extensions, misconfigured IDE servers, and risky agent behavior from disrupting your business.

Get the One-Pager

post-widget-13-img

Tags:

research findings
bg-shape-download

See How to Secure and Enable AI in Your Enterprise

Knostic provides AI-native security and governance across copilots, agents, and enterprise data. Discover risks, enforce guardrails, and enable innovation without compromise.

Request a Demo
195 1-min

Related Articles

First Large-Scale AI-Orchestrated Cyber Espionage Campaign
First Large-Scale AI-Orchestrated Cyber Espionage Campaign
18 November 2025
MCP Hijacking of Cursor’s New Browser
MCP Hijacking of Cursor’s New Browser
13 November 2025
Deep Dive: Cursor Code Injection Runtime Attacks
Deep Dive: Cursor Code Injection Runtime Attacks
5 November 2025
Detecting GlassWorm with YARA Rules
Detecting GlassWorm with YARA Rules
27 October 2025
Zero Width Unicode Characters: the Risks you Can't See
Zero Width Unicode Characters: the Risks you Can't See
21 October 2025
background for career

Schedule a demo to see what Knostic can do for you

Let’s talk arrow icon
protect icon

Knostic leads the unbiased need-to-know based access controls space, enabling enterprises to safely adopt AI.

knostic logo white

United States
205 Van Buren St,
Herndon, VA 20170

Become Our Partner

Log in arrow icon Apply now

Free Tools

Industry Solutions

Policies and Legal

Resources

Departments

Roles

Schedule a demo arrow icon
Schedule a demo arrow icon

EXPLORE KNOSTIC

Free Tools

Solutions by Department

Solutions by Role

Solutions by Industry

Resources

COMPANY

Become Our Partner

Log in arrow icon Apply now
Copyright © 2025. All rights reserved