In the last 24 hours, the security field has been defined by a recurring theme: the misuse of trust and the sophisticated co-opting of legitimate infrastructure to maintain long-term persistence. From years-long intelligence gathering targeting military networks to evolving software supply chain risks in developer ecosystems and real-time social engineering via customer support platforms, today’s developments show that threat actors are moving away from easily detectable activity. Instead, they blend into the daily digital workflows of their targets. For defensive teams, this means traditional indicators of unauthorized activity are increasingly being replaced by the subtle, authorized-looking use of cloud services, IDE extensions, and live chat interfaces.
State-sponsored access via trusted storage
A significant development this morning comes from security researchers detailing a multi-year intelligence gathering campaign, tracked as CL-STA-1087, which has maintained access to Southeast Asian military networks since at least 2020. Attributed with moderate confidence to a state-sponsored China-nexus threat actor, the campaign was only uncovered after modern XDR agents flagged unauthorized PowerShell execution. This discovery reveals a significant gap in legacy visibility; the operators demonstrated immense operational patience, focusing on highly specific intelligence, such as military capabilities and collaboration with Western armed forces, rather than bulk data collection. They managed to evade detection for years by going dormant when necessary and using custom-built tools designed for precision rather than volume.
Technically, CL-STA-1087 relies on advanced persistence and detection bypass mechanisms. The group deployed two previously undocumented backdoors, AppleChris and MemFun, both of which use "dead-drop resolvers" (DDRs). This technique involves posting encrypted command-and-control (C2) routing information on legitimate external sites such as Pastebin and Dropbox. Even if a defender discovers the Pastebin account, the C2 information remains protected by a two-stage decryption process in which the private key is embedded solely within the malware itself. This lets the operators hide their infrastructure behind traffic to trusted domains that are rarely blocked in enterprise environments. The operators also employed "timestomping" (modifying file time attributes in Windows) to hide new files among older, legitimate system files, effectively neutralizing basic forensic timelines.
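Timestomping only rewrites the timestamps that user-mode APIs can reach, which is why a forensic timeline built from those values alone is neutralized. The check below is an added example, not tooling from the CL-STA-1087 report: it compares the NTFS $STANDARD_INFORMATION ($SI) timestamps, which SetFileTime can change, against the $FILE_NAME ($FN) timestamps, which only the kernel writes. The MFT records are constructed for illustration and the dropped-file path is hypothetical; in practice you would feed it records exported by an MFT parser of your choice.

```python
"""Flag possible timestomping by comparing NTFS $SI and $FN timestamps.

Added example, not from the report. Assumes MFT records have already been
exported by a parser; the records below are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime


@dataclass
class MftRecord:
    path: str
    si_created: datetime    # $SI creation: what Explorer shows, settable via SetFileTime
    si_modified: datetime   # $SI last write
    fn_created: datetime    # $FN creation: written by the kernel on create/move only


def timestomp_indicators(rec: MftRecord) -> list[str]:
    """Return the indicators that fire for one record (empty list = nothing found)."""
    findings = []
    # A file cannot have been created ($SI) before the filesystem first named it ($FN).
    # Stomping $SI into the past to blend in with old system files produces exactly this.
    if rec.si_created < rec.fn_created:
        findings.append("$SI creation earlier than $FN creation")
    # Tools that take a second-granularity timestamp leave the sub-second fraction zeroed.
    # Weak on its own (archive extraction and FAT copies do this too), so treat it as corroborating.
    if rec.si_created.microsecond == 0 and rec.si_modified.microsecond == 0:
        findings.append("zeroed sub-second fraction on $SI created/modified")
    return findings


def hunt(records: list[MftRecord]) -> dict[str, list[str]]:
    """Map path -> indicators for every record with at least one indicator."""
    return {r.path: f for r in records if (f := timestomp_indicators(r))}


# Constructed sample: one genuine 2019 system file and one file dropped in 2024
# whose $SI timestamps were stomped back to match it. The dropped path is hypothetical.
SAMPLE = [
    MftRecord(
        path=r"C:\Windows\System32\wininit.exe",
        si_created=datetime(2019, 3, 19, 4, 49, 55, 871031),
        si_modified=datetime(2019, 3, 19, 4, 49, 55, 871031),
        fn_created=datetime(2019, 3, 19, 4, 49, 55, 871031),
    ),
    MftRecord(
        path=r"C:\Windows\System32\dropped.dll",
        si_created=datetime(2019, 3, 19, 4, 49, 55),
        si_modified=datetime(2019, 3, 19, 4, 49, 55),
        fn_created=datetime(2024, 6, 2, 22, 17, 8, 304419),
    ),
]

if __name__ == "__main__":
    for path, findings in hunt(SAMPLE).items():
        print(path, "->", "; ".join(findings))
```

The caveat a practitioner will want: an operator who renames or moves the file after stomping gets a fresh $FN set copied from the forged $SI, so this comparison is a first pass, not proof. Corroborate with the $UsnJrnl and $LogFile, which record the create and rename operations with their own timestamps.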
Software supply chain risks in Open VSX
While state actors maintain persistent access in military networks, a different kind of escalation is unfolding within the software supply chain. Security research published today indicates that the GlassWorm campaign has evolved its tactics to compromise the Open VSX ecosystem, an open-source alternative to the Visual Studio Marketplace. What began as simple impersonation has shifted toward the use of transitive dependencies. By leveraging the extensionPack and extensionDependencies manifest fields, unauthorized parties can now deliver unsafe components through a second-layer relationship. A developer might install an extension that appears entirely benign and passes initial automated reviews, only for the software to automatically pull in the GlassWorm component through these declared relationships.
GlassWorm’s primary objective remains credential and secret harvesting, targeting everything from Git and NPM credentials to cryptocurrency wallets and macOS keychain databases. To stay ahead of defenders, the campaign now rotates its infrastructure and loader logic more frequently. It also employs geofencing to exclude Russian locales and uses a unique C2 routing method involving Solana blockchain transaction memos. This transition to less visible, transitive delivery paths is a significant escalation; it complicates both manual code review and registry-side triage, as the actual unauthorized component is hidden behind standard extension-management behaviors.
Conversational social engineering
The trend of misusing legitimate services extends to social engineering, where malicious actors are now leveraging the LiveChat platform to conduct real-time "conversational phishing." Analysts have identified two distinct campaign vectors impersonating Amazon and PayPal. Unlike standard phishing, which relies on a static link and a sense of urgency, these interactions involve human operators engaging targeted individuals in live, one-on-one conversations. By mimicking the workflows of actual customer support agents, the operators lower the affected party's guard, making it easier to solicit multifactor authentication (MFA) codes, credit card details, and personal identification. This "live" element bypasses many automated email filters because the mechanism isn't just a link, but a psychological interaction that occurs within a trusted SaaS environment.
Defensive guidance and next steps
For defensive teams, these developments require a shift in how "trusted" traffic is governed. Regarding targeted threats like CL-STA-1087, organizations should strictly monitor or restrict access to external storage and content-hosting services such as Dropbox or Pastebin where they are not officially approved for business use. Because these actors misuse legitimate cloud services to mask their C2, monitoring for anomalous traffic directed at these platforms is essential even when the domain is reputable. We recommend using the published SHA256 hashes for the AppleChris and MemFun backdoors to retroactively hunt for persistence in your own environments.
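What "anomalous traffic to a reputable domain" looks like in practice is a host re-reading the same object on a content-hosting site at machine-regular intervals, which is the behaviour a dead-drop resolver produces and a person browsing Dropbox does not. The hunt below is an added example rather than anything from the report. The proxy log format (timestamp, source IP, host, path) and every line in it are constructed; map your own proxy's fields onto parse_line().

```python
"""Hunt for dead-drop-resolver polling in web proxy logs.

Added example, not from the report. The log format and the lines are constructed.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Hosts a DDR implant might read routing data from; extend from your own egress policy.
DDR_HOSTS = {"pastebin.com", "dl.dropboxusercontent.com", "www.dropbox.com"}

# Constructed sample: 10.1.4.22 re-reads one paste hourly, 10.1.4.80 browses Dropbox normally.
SAMPLE_LOG = """\
2024-05-01T08:00:02Z 10.1.4.22 pastebin.com /raw/Ab12Cd34
2024-05-01T08:00:05Z 10.1.4.80 www.dropbox.com /home
2024-05-01T09:00:01Z 10.1.4.22 pastebin.com /raw/Ab12Cd34
2024-05-01T10:00:03Z 10.1.4.22 pastebin.com /raw/Ab12Cd34
2024-05-01T11:00:00Z 10.1.4.22 pastebin.com /raw/Ab12Cd34
2024-05-01T11:13:41Z 10.1.4.80 www.dropbox.com /sh/q9x/slides.pptx
2024-05-01T12:00:02Z 10.1.4.22 pastebin.com /raw/Ab12Cd34
"""


def parse_line(line: str):
    """Assumed format: '<ISO-8601 UTC> <src_ip> <host> <path>'."""
    ts, src, host, path = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), src, host, path


def find_ddr_polling(log_text: str, min_hits: int = 4, max_jitter: float = 0.25):
    """Return (src, host, path, hits, mean_interval_s) for each source that fetches
    the same object on a DDR host repeatedly at near-constant intervals.

    max_jitter bounds the coefficient of variation (stdev / mean) of the gaps
    between fetches; a scheduled resolver lookup has a low one.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, host, path = parse_line(line)
        if host in DDR_HOSTS:
            hits[(src, host, path)].append(ts)

    alerts = []
    for (src, host, path), times in hits.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            alerts.append((src, host, path, len(times), avg))
    return alerts


if __name__ == "__main__":
    for src, host, path, n, avg in find_ddr_polling(SAMPLE_LOG):
        print(f"{src} fetched {host}{path} {n} times, every ~{avg:.0f}s")
```

Two limits worth stating. Implants that add jitter will push the coefficient of variation above 0.25, so widen the threshold when hunting rather than alerting. And an operator who goes dormant, as this campaign did, produces no interval at all, which is exactly why the retroactive hash hunt in the paragraph above complements traffic analysis instead of replacing it.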
In development environments, the risk posed by campaigns like GlassWorm requires a deeper audit of developer tooling. Security teams should implement policies for reviewing extension updates, specifically looking for version-to-version changes that introduce new extensionPack or extensionDependencies fields. Since these extensions often artificially inflate their download counts to gain trust, teams cannot rely on popularity as a metric for safety. Instead, monitoring for specific indicators such as Solana memo lookups or staged JavaScript-based loaders is necessary to catch these components before they can expose developer credentials.
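The review policy above reduces to two mechanical checks on an extension's package.json: did this version add extensionPack or extensionDependencies entries that the previous version did not have, and what does the full chain behind those entries pull in. The script below is an added example, not GlassWorm research tooling. The two manifests, the extension IDs (acme.* and somepub.*) and the REGISTRY dict of second-layer manifests are all constructed; REGISTRY stands in for manifests you have fetched and cached locally from Open VSX.

```python
"""Review an Open VSX / VS Code extension update for newly declared
extensionPack / extensionDependencies entries and expand what they pull in.

Added example, not from the GlassWorm research. Manifests, IDs and REGISTRY are constructed.
"""
import json

OLD_MANIFEST = json.loads("""{
  "name": "pretty-json", "publisher": "acme", "version": "1.2.0",
  "contributes": {"commands": [{"command": "prettyJson.format", "title": "Pretty JSON"}]}
}""")

NEW_MANIFEST = json.loads("""{
  "name": "pretty-json", "publisher": "acme", "version": "1.3.0",
  "contributes": {"commands": [{"command": "prettyJson.format", "title": "Pretty JSON"}]},
  "extensionPack": ["acme.json-helper"]
}""")

# Constructed cache of manifests keyed by "publisher.name" (compared case-insensitively).
REGISTRY = {
    "acme.pretty-json": NEW_MANIFEST,
    "acme.json-helper": {"name": "json-helper", "publisher": "acme", "version": "0.0.3",
                         "extensionDependencies": ["somepub.telemetry-core"]},
    "somepub.telemetry-core": {"name": "telemetry-core", "publisher": "somepub", "version": "2.1.0",
                               "main": "./out/loader.js"},
}


def ext_id(manifest: dict) -> str:
    return f"{manifest['publisher']}.{manifest['name']}".lower()


def declared_deps(manifest: dict) -> set[str]:
    """Both fields list extension IDs that the client installs automatically."""
    ids = manifest.get("extensionPack", []) + manifest.get("extensionDependencies", [])
    return {d.lower() for d in ids}


def added_deps(old: dict, new: dict) -> set[str]:
    """Auto-installed extensions present in the new version but not the old one."""
    return declared_deps(new) - declared_deps(old)


def transitive_closure(root: str, registry: dict) -> set[str]:
    """Every extension that installing `root` pulls in, at any depth."""
    seen, stack = set(), list(declared_deps(registry.get(root, {})))
    while stack:
        dep = stack.pop()
        if dep in seen or dep == root:
            continue
        seen.add(dep)
        stack.extend(declared_deps(registry.get(dep, {})))
    return seen


def review_update(old: dict, new: dict, registry: dict) -> list[str]:
    """Findings a reviewer should look at before approving the update."""
    findings = []
    added = added_deps(old, new)
    if added:
        findings.append(f"{ext_id(new)} {old['version']}->{new['version']} "
                        f"newly auto-installs {sorted(added)}")
    for dep in sorted(transitive_closure(ext_id(new), registry)):
        if dep not in registry:
            findings.append(f"{dep}: manifest not cached, cannot review")
        elif dep.split(".")[0] != new["publisher"].lower():
            findings.append(f"{dep}: pulled in transitively from a different publisher")
    return findings


if __name__ == "__main__":
    for finding in review_update(OLD_MANIFEST, NEW_MANIFEST, REGISTRY):
        print(finding)
```

The second-layer extension (acme.json-helper) comes from the same publisher and passes, but the third layer it declares belongs to someone else and is flagged; that cross-publisher hop, one step removed from anything a reviewer reads in the top-level manifest, is the delivery path the GlassWorm research describes. Genuine extension packs use the same fields, so keep an allowlist of packs you have already reviewed rather than blocking the fields outright, and treat a dependency whose manifest you have not cached as a finding in itself.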
Finally, the misuse of platforms like LiveChat points to the need for a unified approach to social engineering defense that combines technical controls with human-centric analysis. As unauthorized parties shift toward real-time interactions, the "human-in-the-loop" becomes both the primary target and a critical sensor. Training programs should be updated to include "conversational phishing" scenarios, and organizations should consider implementing granular monitoring for any outbound traffic to third-party chat services that originates from sensitive or high-privilege segments of the network.
Looking forward, we are seeing a convergence of tactics where both state-sponsored and financially motivated groups find success by operating within trusted cloud infrastructure. Whether it is a dead-drop resolver on Pastebin, a transitive dependency in Open VSX, or a real-time chat on a SaaS platform, the common denominator is the misuse of services that are meant to be there. This suggests that the next phase of defensive security will rely less on identifying purely unauthorized domains and more on identifying unauthorized behavior within trusted domains.
While much has been uncovered regarding these campaigns, certain gaps remain. The precise initial entry method for the years-long military network access remains unconfirmed, and researchers anticipate that more than 20 additional Open VSX extensions linked to GlassWorm are likely still active in the wild. As these campaigns continue to iterate, we encourage defenders to prioritize visibility into the dependency chains and cloud interactions that define the modern enterprise.