Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
You also get to escape Microsoft telemetry tracking too.