Software developers have become prime targets. Not as an afterthought. As the main objective.
On May 26, 2026, at precisely 14:00 UTC, the CrowdStrike Counter Adversary Operations team, working alongside Google and the Shadowserver Foundation, executed a synchronized takedown of the Glassworm botnet. The operation severed all four of the botnet’s command-and-control channels at once. Operators lost contact with infected machines. New malicious payloads stopped flowing.
This wasn’t a routine cleanup. Glassworm had operated since at least early 2025, according to CrowdStrike’s detailed account. Its creators built resilient infrastructure blending blockchain, peer-to-peer networks, and legitimate web services. They adapted code languages from JavaScript to Rust to Zig. They spread across ecosystems. And they focused relentlessly on the people who write the code the world runs on.
“Adversaries are no longer just targeting products, they’re targeting the developers who build them,” CrowdStrike stated in its report. The implications stretch far beyond any single infection. Compromise one developer’s workstation and the damage can cascade through source code repositories, cloud platforms, CI/CD pipelines, and package registries to thousands of downstream users.
Glassworm’s tactics showed sophistication mixed with opportunism. Trojanized Visual Studio Code extensions appeared in the OpenVSX marketplace. Disguised as ordinary time trackers or code formatters, they targeted not only VSCode but also Cursor, Positron, Windsurf, VSCodium and others. Compromised npm and Python packages carried malicious postinstall hooks and setup scripts that ran silently during routine dependency updates. Stolen credentials from earlier victims let operators hijack developer accounts and force-push malicious code into more than 300 GitHub repositories.
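Because the article singles out install-time hooks as the delivery mechanism, a practical check is to list every npm lifecycle script in a dependency tree before trusting an update. The audit below is an added example, not CrowdStrike's tooling or code from the article; the package names and manifests are constructed, and the key-by-path layout mirrors what a walk of `node_modules` produces.

```python
import json
import os

# npm lifecycle hooks that run automatically during `npm install`; the article
# describes Glassworm abusing postinstall to run silently during dependency updates.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed package.json documents keyed by path, not real packages.
SAMPLE_PACKAGES = {
    "node_modules/left-trim/package.json": json.dumps(
        {"name": "left-trim", "version": "1.0.3", "scripts": {"test": "node test.js"}}),
    "node_modules/time-tracker-helper/package.json": json.dumps(
        {"name": "time-tracker-helper", "version": "2.1.0",
         "scripts": {"postinstall": "node -e \"require('./lib/setup')\""}}),
    "node_modules/native-addon/package.json": json.dumps(
        {"name": "native-addon", "version": "0.9.1", "scripts": {"install": "node-gyp rebuild"}}),
}

def audit_package_json(path, text):
    """Return one finding per install-time hook in a package.json, [] if none."""
    try:
        manifest = json.loads(text)
    except json.JSONDecodeError:
        return [{"path": path, "name": "?", "hook": "<unparseable>", "command": ""}]
    scripts = manifest.get("scripts") or {}
    return [{"path": path, "name": manifest.get("name", "?"), "hook": h, "command": scripts[h]}
            for h in INSTALL_HOOKS if h in scripts]

def audit_tree(packages):
    """Audit a mapping of package.json path -> contents (what a node_modules walk yields).
    Every hook is reported; a human decides if it is a native build (node-gyp) or a dropper."""
    findings = []
    for path, text in packages.items():
        findings.extend(audit_package_json(path, text))
    return findings

def scan_node_modules(root):
    """Read every package.json under a real node_modules tree and audit it."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" in files:
            p = os.path.join(dirpath, "package.json")
            with open(p, encoding="utf-8") as fh:
                found[p] = fh.read()
    return audit_tree(found)

if __name__ == "__main__":
    for f in audit_tree(SAMPLE_PACKAGES):
        print(f"{f['hook']:<12} {f['name']}: {f['command']}")
```

Running installs with `npm config set ignore-scripts true` stops these hooks from executing at all, at the cost of breaking packages that genuinely need a native build step, which is exactly why the audit reports the command so a reviewer can tell the two apart.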
The botnet infected hundreds of open-source software components, CyberScoop reported. It ran on Windows, macOS and Linux alike. Its payload included information theft, credential harvesting and a full-featured Node.js remote access tool called GlasswormRAT. Propagation relied on automation and trusted developer workflows. The result was a self-sustaining machine for supply chain compromise.
But the infrastructure that made Glassworm hard to stop also created its vulnerability. The four command-and-control channels were designed for redundancy. One used the Solana blockchain, encoding server addresses in immutable transaction memo fields. Another queried the BitTorrent Distributed Hash Table for configuration data stored against hardcoded public keys. A third hid Base64-encoded paths inside Google Calendar event titles. The fourth relied on conventional virtual private servers.
Take down one channel and the others would keep the botnet alive. So the partners struck all four simultaneously. Infected machines now beacon to a benign CrowdStrike-operated IP address at 164.92.88.210. Security teams can hunt for that connection in network logs as a clear sign of prior infection. CrowdStrike also released two YARA rules to help confirm GlasswormRAT and its obfuscated Python installer components.
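The hunt described above, as an added example that is not part of the article or CrowdStrike's published material: it scans connection logs for hosts that reached the sinkhole address the article gives, then checks whether each host's contacts recur at a steady interval, which is what an implant polling a dead C2 looks like. The key=value log format and the sample lines are constructed for the example, not a real product's format.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Sinkhole address published by CrowdStrike after the takedown (from the article).
GLASSWORM_SINKHOLE = "164.92.88.210"

# Constructed sample lines in a simple key=value firewall log format (hypothetical,
# not a real product's format); two internal hosts beacon, one line is benign traffic.
SAMPLE_LOG = """\
2026-05-27T10:00:01Z src=10.0.0.12 dst=164.92.88.210 dport=443 proto=tcp action=allow
2026-05-27T10:00:05Z src=10.0.0.40 dst=142.250.80.46 dport=443 proto=tcp action=allow
2026-05-27T10:05:01Z src=10.0.0.12 dst=164.92.88.210 dport=443 proto=tcp action=allow
2026-05-27T10:07:33Z src=10.0.0.77 dst=164.92.88.210 dport=8080 proto=tcp action=deny
2026-05-27T10:10:02Z src=10.0.0.12 dst=164.92.88.210 dport=443 proto=tcp action=allow
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<src>[\d.]+)\s+dst=(?P<dst>[\d.]+)\s+dport=(?P<dport>\d+)"
)

def find_sinkhole_contacts(log_text, sinkhole=GLASSWORM_SINKHOLE):
    """Return {source_host: [timestamps]} for every connection to the sinkhole.
    A denied connection still counts: the host tried to beacon, so it is infected."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group("dst") != sinkhole:
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        hits[m.group("src")].append(ts)
    return dict(hits)

def beacon_summary(hits):
    """Per host: contact count and the median seconds between contacts (None if < 2).
    A steady interval is the signature of an implant polling its (now sinkholed) C2."""
    summary = {}
    for host, stamps in hits.items():
        stamps = sorted(stamps)
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        median = sorted(gaps)[len(gaps) // 2] if gaps else None
        summary[host] = {"contacts": len(stamps), "median_interval_s": median}
    return summary

if __name__ == "__main__":
    for host, info in beacon_summary(find_sinkhole_contacts(SAMPLE_LOG)).items():
        print(f"{host}: {info['contacts']} contacts, median interval {info['median_interval_s']}s")
```

A single contact is still worth a ticket: the sinkhole only receives traffic from machines that already carry the implant, so even one hit identifies a workstation to remediate.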
Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, described the broader goal. The operation delivers sustained pressure that exposes tradecraft, hardens environments and raises the operating cost for attackers. John Hultquist, vice president and head of threat analysis at Google, put it more bluntly: the effort aims to “bring more pain to attackers.” Piotr Kijewski of the Shadowserver Foundation assisted with analysis that supported the coordinated action.
TechCrunch noted the botnet had targeted the open-source supply chain for two years, using malicious extensions, malvertising and stolen credentials to poison repositories. Its coverage highlighted how the takedown disrupted the criminals’ ability to push malware and steal passwords from developers.
The operators appear likely to be based in Russia. The malware checks victim locale, language settings and timezone, exiting quietly if it detects a Commonwealth of Independent States country. Russian-language comments appear in the source code. While such indicators can be spoofed or generated by AI tools, the pattern held consistently over more than a year.
This campaign did not emerge in isolation. Supply chain attacks have grown more frequent and inventive. The 2024 compromise attempt against XZ Utils showed how a patient actor could infiltrate a critical open-source project maintained by a single developer. Similar patterns appear in npm ecosystem incidents and attacks on AI-related repositories. Developers sit at the intersection of convenience and high privilege. Their tools, dependencies and accounts offer a direct path to widespread impact.
Yet detection alone falls short. Malicious packages install in seconds through normal update processes. By the time defenders spot them, the code has often reached production. Glassworm cycled through package ecosystems while maintaining persistent access to developer machines. That reality demands a shift toward proactive disruption.
The Glassworm operation sets an example. It combined private-sector intelligence with platform cooperation and nonprofit monitoring. No lengthy judicial process was required to neutralize the immediate threat. Infected systems gained breathing room to remediate. And the broader security community received fresh indicators and techniques to watch for similar campaigns.
Still, the operators were well-resourced and persistent. They evolved their methods over time. Left alone, they could have rebuilt. The takedown raises their costs. It does not eliminate the underlying incentives. Organizations that ship or consume software now face a clearer warning. Developer environments, build pipelines and code repositories require stronger safeguards. Dependency vetting, credential hygiene, behavioral monitoring and segmented access all matter more than ever.
But technical controls address only part of the problem. The human element remains central. Developers work under pressure. They install packages quickly. They reuse credentials. They trust marketplaces and repositories that lack rigorous gatekeeping. Attackers understand this dynamic and design campaigns that blend into normal activity.
So. The Glassworm botnet is down. Its infrastructure lies broken. Yet the shift it represents continues. Adversaries will test new combinations of blockchain, peer-to-peer systems and legitimate services. They will keep chasing developers because the payoff justifies the effort.
Security teams cannot afford to treat developer workstations as just another endpoint. They must view them as critical infrastructure. The same logic that protects core production systems now applies to the laptops and IDEs where code originates. Collaboration across vendors, platforms and researchers will prove essential. Operations like this one demonstrate what coordinated action can achieve.
CrowdStrike put it directly. The security community must respond with equal determination. More such disruptions will be necessary. The fight has moved upstream, into the hands that build the software everyone depends on. And that fight is far from over.
