CrowdStrike and Google dismantled the Glassworm botnet that infected open-source projects, stole crypto wallet funds, and used Solana blockchain for C2 operations.

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.