{
    "id": "1761687",
    "ioc": "199.247.10.14:4789",
    "ioc_type": "ip:port",
    "threat_type": "botnet_cc",
    "malware": "js.glassworm",
    "malware_printable": "GlassWorm",
    "malware_alias": null,
    "confidence_level": "100",
    "first_seen": "2026-03-08 18:45:28 UTC",
    "last_seen": null,
    "reporter": "anonymous",
    "reference": "https:\/\/www.koi.ai\/blog\/glassworm-returns-new-wave-openvsx-malware-expose-attacker-infrastructure",
    "threatfox_link": "https:\/\/threatfox\/ioc\/1761687",
    "tags": [
        "c2",
        "glassworm",
        "npm",
        "solana",
        "supply-chain",
        "vscode"
    ]
}