'Adversaries are no longer just targeting products, they're targeting the developers who build them': CrowdStrike takes down major botnet targeting developers across the world
CrowdStrike, Google, and Shadowserver have successfully dismantled the Glassworm botnet, which targeted software developers globally. Active since early 2025, the botnet utilized various methods to steal developer credentials and deploy malware across multiple operating systems. This operation underscores a significant shift in cybersecurity threats, focusing more on developers rather than just products.
- ▪The Glassworm botnet was taken down on May 26, 2026, by disrupting all four of its command and control channels simultaneously.
- ▪It spread through trojanized VSCode extensions, malicious npm and Python packages, and compromised GitHub repositories.
- ▪The botnet specifically targeted software developers due to their access to critical resources like source code repositories and cloud platforms.
Opening excerpt (first ~120 words) tap to expand
Pro Security 'Adversaries are no longer just targeting products, they're targeting the developers who build them': CrowdStrike takes down major botnet targeting developers across the world News By Sead Fadilpašić published 27 May 2026 The Glassworm botnet is no more When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty Images) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter CrowdStrike, Google, and Shadowserver jointly dismantled the Glassworm botnet on May 26, 2026, by disrupting all four of its resilient C2 channels simultaneouslyActive since early 2025, Glassworm…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
