Glassworm Malware Hidden in Unicode Characters Affecting GitHub Repositories

The Glassworm malware is a newly discovered threat that leverages the presence of invisible Unicode characters within source code to inject malicious payloads into software projects. Discovered in early 2026, this malware has already compromised over 150 repositories on GitHub. The attack focuses on injecting these invisible characters into popular repositories, particularly those related to JavaScript and Node.js development, potentially impacting a wide range of applications and services. The delivery mechanism involves contributors with malicious intent adding these characters or compromised accounts injecting them. This sophisticated approach allows the malware to remain undetected during code reviews and traditional security scans, making it a significant threat to the software supply chain.

Attack Chain

1. A malicious actor gains commit access to a target GitHub repository through either direct contribution or compromised credentials.
2. The actor injects invisible Unicode characters into source code files, such as JavaScript or package.json files.
3. These Unicode characters are strategically placed within the code to be innocuous visually but alter the program’s execution when interpreted.
4. The altered code, containing the Unicode characters, is committed to the repository, potentially passing initial code review checks due to the characters’ invisibility.
5. When a developer clones or downloads the compromised repository, the Unicode characters are included in their local copy of the code.
6. During the build process (e.g., npm install), the malicious code embedded within the Unicode characters is executed.
7. This execution leads to the download and execution of a secondary payload from a remote server, potentially installing malware, backdoors, or exfiltrating sensitive data.
8. The final objective is to compromise the developer’s system or to inject malicious code into applications built using the compromised repository, thus propagating the malware further.

Impact

The successful deployment of Glassworm can lead to widespread supply chain compromise, potentially affecting thousands of developers and end-users. Over 150 GitHub repositories have already been identified as infected, and the actual number could be much higher. Successful exploitation leads to arbitrary code execution on developer machines and within deployed applications. The compromised code can steal credentials, inject backdoors, and exfiltrate sensitive data, leading to significant financial and reputational damage. The lack of visibility makes remediation challenging.

Recommendation

• Implement static analysis tools capable of detecting invisible Unicode characters in source code repositories (reference: Overview).
• Deploy the Sigma rules provided below to identify suspicious process executions originating from build processes that may indicate Glassworm activity.
• Educate developers about the risks associated with invisible Unicode characters and the importance of careful code review (reference: Attack Chain).
• Implement multi-factor authentication on all developer accounts to prevent account compromise (reference: Attack Chain).
• Monitor network traffic for connections to suspicious or unknown domains originating from build processes (reference: Attack Chain).
• Utilize file integrity monitoring (FIM) to track changes to critical files within repositories and development environments (reference: Attack Chain).