{"id":10343,"date":"2025-11-10T19:43:54","date_gmt":"2025-11-10T12:43:54","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10343"},"modified":"2026-02-03T19:45:40","modified_gmt":"2026-02-03T12:45:40","slug":"glassworm-tai-xuat-ma-doc-unicode-vo-hinh-lay-nhiem-vs-code-lan-sang-github","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/11\/10\/glassworm-tai-xuat-ma-doc-unicode-vo-hinh-lay-nhiem-vs-code-lan-sang-github\/","title":{"rendered":"GlassWorm resurfaces: invisible-Unicode malware infects VS Code, spreads to GitHub"},"content":{"rendered":"<p data-start=\"129\" data-end=\"620\">GlassWorm, an extremely sophisticated self-propagating malware campaign, has resurfaced and continues to endanger the global developer ecosystem by infecting three more extensions on the VS Code platform. According to Koi Security, the firm that first discovered this campaign, the new wave of infections came just 16 days after OpenVSX declared the incident fully contained on 21 October 2025. 
This shows that GlassWorm has not only not been eradicated but can also recover and expand very quickly.<\/p>\n<p data-start=\"129\" data-end=\"620\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone  wp-image-10344\" src=\"https:\/\/infosec.new88088.net\/wp-content\/uploads\/sites\/20\/2026\/02\/GlassWorm-300x167.png\" alt=\"\" width=\"690\" height=\"384\" srcset=\"https:\/\/infosec.new88088.net\/wp-content\/uploads\/sites\/20\/2026\/02\/GlassWorm-300x167.png 300w, https:\/\/infosec.new88088.net\/wp-content\/uploads\/sites\/20\/2026\/02\/GlassWorm.png 700w\" sizes=\"(max-width: 690px) 100vw, 690px\" \/><\/p>\n<p data-start=\"622\" data-end=\"1060\">On 6 November 2025, Koi Security recorded three extensions on OpenVSX infected with GlassWorm: ai-driven-dev.ai-driven-dev, adhamu.history-in-sublime-merge and yasuyuky.transient-emacs, with total downloads reaching nearly 10,000. This wave alone affected about 10,000 machines belonging to developers and organizations across the United States, South America, Europe and Asia, and even involved a major government agency in the Middle East.<\/p>\n<p data-start=\"1062\" data-end=\"1479\">The most dangerous aspect of GlassWorm is its technique of hiding malicious code with invisible Unicode characters. 
The attackers embed the payload in characters that cannot be seen with the naked eye, so the malicious code \u201cdisappears\u201d when the source is read yet is still executed normally by the interpreter. This lets the malware blend in completely with legitimate code, evading both manual review by developers and many automated analysis tools.<\/p>\n<p data-start=\"1481\" data-end=\"2045\">Beyond that, GlassWorm has also spread to GitHub repositories by stealing credentials and pushing malicious commits into many different repositories. These commits were created with the help of AI, which buries the payload deep inside legitimate code and makes detection even harder. GlassWorm's control infrastructure is designed for long-term survival, using the Solana blockchain as its command-and-control and update channel (C2). 
With only very low-cost blockchain transactions, the malware can automatically receive new endpoints even when the main control server is disabled.<\/p>\n<p data-start=\"2047\" data-end=\"2567\" data-is-last-node=\"\" data-is-only-node=\"\">Despite many containment efforts, GlassWorm remains steadily active. Data that Koi Security collected from an exposed endpoint shows that the real scale of the damage is very large, and also provides important leads for tracing the compromised targets. GlassWorm's return is a serious warning about the threat of software supply-chain attacks, especially as code-hiding techniques grow more sophisticated, and it requires the developer community and organizations to proactively strengthen the review, monitoring and security of source code.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>GlassWorm, an extremely sophisticated self-propagating malware campaign, has resurfaced and continues to endanger the global developer ecosystem by infecting three more extensions on the VS Code platform. 
According to Koi Security, the firm that first discovered [&hellip;]<\/p>\n","protected":false},"author":46,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-10343","post","type-post","status-publish","format-standard","hentry","category-tin-tuc-cua-vien"],"_links":{"self":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/comments?post=10343"}],"version-history":[{"count":0,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10343\/revisions"}],"wp:attachment":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/media?parent=10343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/categories?post=10343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/tags?post=10343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}