Every Line Looked Clean. The Malware Was Hiding in Characters No Editor on Earth Can Render.
You could stare at the infected file for hours and see nothing. The attack hit 200 Python repos, 151 JS/TS repos, 72 VS Code extensions, and 10 npm packages. A researcher traced 50 blockchain transact

Four hundred thirty-three compromised components. Zero visual traces.
GlassWorm hid malicious payloads inside Unicode characters that every code editor, every diff tool, and every terminal on Earth renders as empty whitespace. You could stare at the infected file for hours. You would see nothing.
Forget typosquatting. Forget dependency confusion. GlassWorm encoded malware in characters that are literally invisible to the human eye and to every standard review tool developers use daily.
The attack landed across GitHub, npm, VS Code, and OpenVSX between March 3 and March 19, 2026. It hit 200 Python repositories, 151 JavaScript and TypeScript repositories, 72 VS Code and OpenVSX extensions, and 10 npm packages. The targets: cryptocurrency wallets, SSH keys, developer credentials, and AI CLI tool configurations.
Think of it like invisible ink on a contract: you read every clause, sign the document, and later discover there were additional terms written between the lines that you never had a chance to see.
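One defensive check that closes this review gap, as an added example (not code from the original article or from the GlassWorm research): a small Python scanner that flags code points a reviewer cannot see. Because the article does not name the exact characters GlassWorm used, the scanner assumes the generic classes that render as nothing: Unicode format characters (category Cf, which includes zero-width characters and the Tags block) and variation selectors. The sample file below is constructed for the demonstration.

```python
import unicodedata
from typing import List, Tuple

# Assumption: "invisible" means Unicode format characters (category Cf, e.g.
# U+200B ZERO WIDTH SPACE, U+200D ZERO WIDTH JOINER, the Tags block
# U+E0000..U+E007F) plus variation selectors (U+FE00..U+FE0F, U+E0100..U+E01EF).
# Which of these a given campaign uses is not stated in the article.
def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    if unicodedata.category(ch) == "Cf":
        return True
    return 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF


Finding = Tuple[int, int, str, str]  # (line, column, "U+XXXX", character name)


def scan_source(text: str) -> List[Finding]:
    """Return one finding per invisible code point; columns count code points."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            # A byte-order mark at the very start of the file is legitimate.
            if lineno == 1 and col == 1 and ch == "\ufeff":
                continue
            if is_invisible(ch):
                name = unicodedata.name(ch, "<unnamed>")
                findings.append((lineno, col, f"U+{ord(ch):04X}", name))
    return findings


def report(text: str) -> str:
    """Human-readable summary, one line per finding (empty string if clean)."""
    return "\n".join(f"{ln}:{col} {cp} {name}" for ln, col, cp, name in scan_source(text))


# Constructed sample: looks like three clean lines in any editor, but line 2
# ends with two zero-width characters and line 3 ends with two Tag characters.
SAMPLE = (
    "import os\n"
    "def load_config():\u200b\u200d\n"
    "    return os.environ.get('HOME')\U000E0041\U000E0042\n"
)

if __name__ == "__main__":
    print(report(SAMPLE) or "no invisible characters found")
```

Running it on the sample prints four findings on lines 2 and 3; the same check fits naturally into a pre-commit hook or CI step, where a non-empty report fails the build.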
After 20 years of building systems across telecommunications, digital health, and deep-tech imaging, I have seen supply chain attacks evolve from crude package hijacks to sophisticated dependency exploits. GlassWorm is the first one that made me question whether the entire concept of code review still works.