A sophisticated malware campaign, dubbed ForceMemo, is actively compromising hundreds of Python repositories on GitHub by exploiting stolen developer tokens, according to StepSecurity. This evolving threat leverages the GlassWorm malware's capabilities to inject malicious code into various Python projects, including those used for Django applications, machine learning research, and PyPI packages. The attack method involves appending obfuscated code to critical files like setup.py, main.py, and app.py, posing a significant risk to developers and users who install or execute code from compromised sources, according to a recent report by The Hacker News.

The ForceMemo attack begins with the GlassWorm malware compromising developer systems, often through malicious VS Code and Cursor extensions, to steal secrets like GitHub tokens. Attackers then use these stolen credentials to force-push malicious changes to repositories. This involves rebasing obfuscated malware into Python files and rewriting Git history to preserve original commit messages and author details, making detection difficult.

The Base64-encoded payload checks the system's locale, skipping execution if it's Russian. Otherwise, it queries a Solana wallet's transaction memo field, previously linked to GlassWorm, to extract a payload URL. This allows the download of additional encrypted JavaScript payloads designed for cryptocurrency and data theft. The earliest injections were noted on March 8, 2026, with the command and control infrastructure active since November 2025.

Source: The Hacker News
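A defender-side check for the injection pattern described above (an obfuscated Base64-style payload appended to setup.py, main.py or app.py and run through exec). This is an added example, not code from StepSecurity or The Hacker News; the sample setup.py it scans is constructed here, and the 200-character literal threshold and decoder name list are assumptions.

```python
# Added example: heuristic scan for an obfuscated, Base64-style dropper appended
# to a Python file (the setup.py/main.py/app.py pattern described above).
import ast
import base64
import re
import sys

DECODERS = {"b64decode", "b85decode", "a85decode", "b32decode", "b16decode"}
EXECUTORS = {"exec", "eval"}
LONG_B64 = re.compile(r"^[A-Za-z0-9+/=]{200,}$")  # assumed threshold for an opaque literal


def _func_name(call: ast.Call) -> str:
    """Bare name of the function being called, e.g. 'b64decode' or 'exec'."""
    f = call.func
    if isinstance(f, ast.Attribute):
        return f.attr
    return f.id if isinstance(f, ast.Name) else ""


def find_suspicious(source: str) -> list[dict]:
    """Return [{'line': n, 'reason': ...}] for one file's source text."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:  # a file that no longer parses is itself a signal
        return [{"line": exc.lineno or 0, "reason": "file does not parse"}]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _func_name(node) in EXECUTORS:
            # exec()/eval() wrapped around any decoder call is the dropper shape
            inner = {_func_name(c) for c in ast.walk(node) if isinstance(c, ast.Call)}
            if inner & DECODERS:
                findings.append({"line": node.lineno, "reason": "exec/eval of decoded blob"})
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            if LONG_B64.match(node.value):
                findings.append({"line": node.lineno, "reason": "long base64-looking literal"})
    return findings


# Constructed sample: a benign setup.py with a harmless one-line dropper appended.
BLOB = base64.b64encode(b'print("stand-in for a real payload")').decode()
SAMPLE_SETUP_PY = (
    'from setuptools import setup\n'
    'setup(name="demo", version="0.1")\n'
    f'exec(__import__("base64").b64decode("{BLOB}"))\n'
)

if __name__ == "__main__":  # scan the files named on the command line
    for path in sys.argv[1:]:
        for hit in find_suspicious(open(path, encoding="utf-8").read()):
            print(f"{path}:{hit['line']}: {hit['reason']}")
```

Run it over a repository's setup.py, main.py and app.py after any unexpected history rewrite; a hit on the last lines of an otherwise ordinary file is the shape this campaign leaves behind.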
Malware, Supply chain, DevOps
GlassWorm campaign evolves: ForceMemo attack targets Python repos via stolen GitHub tokens
