A new supply-chain attack linked to the Glassworm malware campaign is quietly targeting developers by slipping malicious code into hundreds of Python repositories on GitHub. This operation is being tracked as “ForceMemo.”
Instead of breaking into systems directly, the attackers are going after developer accounts. By stealing GitHub tokens and credentials, often collected earlier through compromised environments like malicious VS Code extensions or npm packages, they gain access to legitimate repositories.
Once inside a developer’s GitHub account, the attackers start modifying the repositories themselves. But they don’t do it in an obvious way. Rather than pushing suspicious new commits, they use a stealth trick. The attackers rebase existing commits, insert malicious code into Python files like setup.py, main.py, or app.py, and then force-push the updated history. The commit still shows the same author, message, and timestamp, which makes the change look like it came from the original developer.
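A history rewrite of the kind described above leaves traces that git itself reports, even when the author, message and author date of each commit look unchanged. The Python script below is an added example (it is not from the article and is not code tied to the ForceMemo campaign) showing two checks a maintainer can run: parsing `git fetch` output for the `(forced update)` marker, which git prints whenever a remote branch moved non-fast-forward, and flagging commits whose committer timestamp is far newer than their author timestamp, because a rebase preserves the author date but stamps a fresh committer date. The sample fetch and log outputs are constructed, and the one-week skew threshold is an assumption.

```python
"""Spot rewritten upstream history from git's own output.

Added example, not from the article or from any ForceMemo analysis.
"""
import re
import subprocess
from dataclasses import dataclass

# `git fetch` reports a non-fast-forward move of a remote branch on stderr as
#   " + 1a2b3c4...5d6e7f8 main       -> origin/main  (forced update)"
# A normal fast-forward line has no "+" flag and uses ".." instead of "...".
FORCED_LINE = re.compile(
    r"^\s*\+\s+(?P<old>[0-9a-f]+)\.\.\.(?P<new>[0-9a-f]+)\s+"
    r"(?P<ref>\S+)\s+->\s+(?P<remote>\S+)\s+\(forced update\)"
)


@dataclass
class ForcedUpdate:
    ref: str         # local name of the remote branch, e.g. "main"
    remote_ref: str  # e.g. "origin/main"
    old: str         # abbreviated SHA before the fetch
    new: str         # abbreviated SHA after the fetch


def forced_updates_from_fetch(fetch_output: str) -> list[ForcedUpdate]:
    """Return every remote branch whose history was rewritten, per git's output."""
    hits = []
    for line in fetch_output.splitlines():
        m = FORCED_LINE.match(line)
        if m:
            hits.append(ForcedUpdate(m["ref"], m["remote"], m["old"], m["new"]))
    return hits


def fetch_and_check(repo_path: str) -> list[ForcedUpdate]:
    """Run `git fetch --all` in repo_path and report forced updates (needs git)."""
    proc = subprocess.run(["git", "fetch", "--all"], cwd=repo_path,
                          capture_output=True, text=True, check=False)
    # git writes the ref summary to stderr; include stdout for older versions.
    return forced_updates_from_fetch(proc.stderr + proc.stdout)


# Second check. `git rebase` keeps %at (author date) but sets %ct (committer
# date) to "now", so an old-looking commit whose committer date is much later
# was re-created after the fact. Input is `git log --format='%H %at %ct'`.
# Legitimate rebases (e.g. a rebase-merge of a PR) also trigger this, so treat
# hits as review leads, not proof. One week is an assumed threshold.
def suspicious_recommits(log_output: str,
                         max_skew_seconds: int = 7 * 24 * 3600) -> list[tuple[str, int]]:
    flagged = []
    for line in log_output.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        sha, author_ts, commit_ts = parts[0], int(parts[1]), int(parts[2])
        skew = commit_ts - author_ts
        if skew > max_skew_seconds:
            flagged.append((sha, skew))
    return flagged


# Constructed sample output, in git's real formats.
SAMPLE_FETCH = """From github.com:example/project
 + 1a2b3c4...5d6e7f8 main       -> origin/main  (forced update)
   abc1234..def5678  dev        -> origin/dev
"""
SAMPLE_LOG = """aaaa1111 1700000000 1700000050
bbbb2222 1700000000 1701000000
"""

if __name__ == "__main__":
    for f in forced_updates_from_fetch(SAMPLE_FETCH):
        print(f"history rewritten: {f.remote_ref} {f.old} -> {f.new}")
    for sha, skew in suspicious_recommits(SAMPLE_LOG):
        print(f"re-created commit: {sha} (committer date {skew}s after author date)")
```

Run the parser on the stderr of your normal `git fetch` (or call `fetch_and_check` on a checkout) and page someone whenever a protected branch shows up; the committer-date check is cheap enough to run over the whole history of a dependency before you vendor it.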
Hidden inside those updates is malware. The payload is usually Base64-encoded and heavily obfuscated, and in some cases, it’s even disguised using invisible Unicode characters that look like blank spaces in code editors. That means someone reviewing the code might not even realize malicious instructions are sitting there. So far, more than 150 GitHub repositories have been found using this invisible code trick.
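Both hiding tricks mentioned above can be caught mechanically before a file is reviewed by eye. The scanner below is an added example (not from the article or from any analysis of this campaign): it reports every character in a Python source file that renders as nothing or as ordinary blank space but is not plain ASCII whitespace, using Unicode's format category and the Hangul filler code points, and it decodes every long Base64 run to see whether the plaintext contains execution-related tokens. The sample source and the embedded blob are constructed here; the token list and the 60-character minimum run length are assumptions you would tune for your code base.

```python
"""Scan Python source for invisible Unicode and Base64-wrapped code.

Added example, not from the article or from any ForceMemo analysis.
"""
import base64
import re
import unicodedata
from pathlib import Path

# Plain ASCII whitespace is expected in source; anything else that is invisible
# (category Cf = format characters such as U+200B ZERO WIDTH SPACE or U+FEFF),
# a non-ASCII "space" (category Zs other than U+0020), or a Hangul filler
# (visible as blank yet legal in identifiers) is reported.
ALLOWED_WHITESPACE = {"\n", "\r", "\t", " "}
HANGUL_FILLERS = {"\u115f", "\u1160", "\u3164", "\uffa0"}


def invisible_chars(text: str) -> list[tuple[int, int, str]]:
    """Return (line, column, 'U+XXXX NAME') for every suspicious invisible char."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in ALLOWED_WHITESPACE:
                continue
            cat = unicodedata.category(ch)
            if cat == "Cf" or ch in HANGUL_FILLERS or (cat == "Zs" and ch != " "):
                hits.append((lineno, col,
                             f"U+{ord(ch):04X} {unicodedata.name(ch, '?')}"))
    return hits


# A run of 60+ Base64 alphabet characters plus optional padding. Assumed
# threshold: long enough to skip short tokens, short enough to catch stagers.
BASE64_BLOB = re.compile(r"[A-Za-z0-9+/]{60,}={0,2}")
# Assumed token list: substrings that make a decoded blob worth a human look.
DANGEROUS = ("exec(", "eval(", "__import__", "subprocess", "urlopen", "socket")


def suspicious_base64(text: str) -> list[str]:
    """Decode long Base64 runs; return the start of each one that looks like code."""
    findings = []
    for m in BASE64_BLOB.finditer(text):
        try:
            # validate=True rejects runs that merely look like Base64 (hex digests,
            # random identifiers); a bad length raises binascii.Error (ValueError).
            decoded = base64.b64decode(m.group(0), validate=True)
        except ValueError:
            continue
        plain = decoded.decode("utf-8", "replace")
        if any(token in plain for token in DANGEROUS):
            findings.append(plain[:60])
    return findings


def scan_text(text: str) -> dict:
    return {"invisible": invisible_chars(text), "base64": suspicious_base64(text)}


def scan_file(path: str) -> dict:
    """Scan one file; use on setup.py, main.py, app.py or any file in a review."""
    return scan_text(Path(path).read_text(encoding="utf-8"))


# Constructed sample: an innocent-looking file with both tricks present.
SAMPLE_BLOB = base64.b64encode(
    b"# constructed sample payload\nexec(\"print('hello from decoded blob')\")\n"
).decode()
SAMPLE_SOURCE = (
    "import os\n"
    "x = 1\u200b\n"        # zero-width space hiding at the end of the line
    "y\u3164 = 2\n"        # Hangul filler inside an identifier
    f"payload = '{SAMPLE_BLOB}'\n"
)

if __name__ == "__main__":
    report = scan_text(SAMPLE_SOURCE)
    for lineno, col, what in report["invisible"]:
        print(f"line {lineno} col {col}: {what}")
    for snippet in report["base64"]:
        print(f"decoded Base64 looks like code: {snippet!r}")
```

Wire `scan_file` into a pre-merge hook or CI step over every `.py` file in a diff; the invisible-character check is near-zero false positives for most code bases, while the Base64 check is a triage signal and will also flag legitimately embedded scripts, which is exactly what a reviewer should look at.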
Once the malicious code runs, it pulls additional payloads and communicates with a command-and-control system hosted on the Solana blockchain. Because blockchain records can’t easily be modified or deleted, shutting down this infrastructure becomes much harder.
The malware is capable of stealing tokens, credentials, secrets, and even cryptocurrency wallet data. In some cases, it can also deploy tools like hidden VNC servers or SOCKS proxies, giving attackers remote access to compromised systems.
The first known malicious injections connected to this campaign appeared around March 8, 2026, and the activity hasn’t stopped: more repositories are still being affected.
The bigger concern here is the open-source supply chain. A developer might simply clone a repository or install a dependency from what looks like a trusted project, and unknowingly run malicious code that was quietly slipped into it.