9 min read
The Worm That Came for MCP
GlassWorm started as a VS Code supply chain attack. Now it's targeting MCP packages directly. Here's exactly what it does, and why runtime enforcement is the layer that still works after a malicious package is already installed and running.