Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Wasmer

Wasmer Vendor Cyber Rating & Cyber Score

wasmer.io

Wasmer provides a way to execute WebAssembly files universally


Wasmer A.I CyberSecurity Scoring

Wasmer
Company Information
Website:https://wasmer.io/
Employees number:8
Number of followers:1,872
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:wasmer.io
Wasmer Risk Score (AI oriented)
Between 700 and 749
logo
WasmerIT Services and IT Consulting
Updated:
01/04/2026
731/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Wasmer Global Score (TPRM)
xxxx
logo
WasmerIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Wasmer
WasmerModerate
Current Score
731Ba (MODERATE)
01000
1 incidents
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
733Before Incident
JUNE 2026
733Before Incident
MAY 2026
732Before Incident
APRIL 2026
732Before Incident
MARCH 2026
748Before Incident
Cyber Attack
14 Mar 2026Wasmer
GitHub, Reworm, npm, Wasmer, anomalyco and VS Code Marketplace: Invisible malicious code attacks 151 GitHub repos and VS Code — Glassworm attack uses blockchain to steal tokens, credentials, and secrets

GitHub, npm, and VS Code Repositories Compromised by Glassworm’s Invisible Unicode Attack

731After Incident
CRITICAL-17
NPMGITCODAIKWAS1773555952
GitHub, npm, and VS Code Repositories Compromised by Glassworm’s Invisible Unicode Attack Researchers at Aikido Security uncovered a sophisticated campaign by the threat actor Glassworm, which compromised at least 151 GitHub repositories between March 3 and March 9 by embedding malicious payloads in invisible Unicode characters. The attack has since expanded to npm packages and the VS Code Marketplace, with additional infections detected as recently as March 12. The technique exploits Unicode Private Use Area characters (ranges `0xFE00–0xFE0F` and `0xE0100–0xE01EF`), which appear as zero-width whitespace in code editors and terminals effectively hiding malicious code in plain sight. A hidden decoder extracts these bytes and executes them via `eval()`, deploying a second-stage payload that has previously leveraged the Solana blockchain for command-and-control (C2) operations, enabling token theft, credential harvesting, and secret exfiltration. Notable targets include repositories from Wasmer, Reworm, and anomalyco (developers of OpenCode and SST). The same attack pattern was found in two npm packages and one VS Code extension, suggesting broader infiltration. Aikido Security estimates the 151 identified repositories represent only a fraction of the total, as many were deleted before analysis. Unlike previous attacks, this campaign employs subtle, context-aware modifications, such as version bumps and minor refactors, designed to blend seamlessly with legitimate code. The consistency across 151 distinct codebases suggests the use of large language models (LLMs) to automate the generation of plausible cover changes, making manual detection nearly impossible. Glassworm has been active since at least March 2025, when Aikido first documented its Unicode-based attacks in malicious npm packages. By October 2025, the group had expanded to Open VSX and GitHub repositories, leveraging stolen credentials to propagate further. Earlier research by Koi Security revealed that decoded payloads deployed hidden VNC servers and SOCKS proxies for persistent remote access. The Solana-based C2 infrastructure complicates mitigation, as blockchain transactions are immutable. The attack’s sophistication combining invisible code injection, AI-generated camouflage, and decentralized C2 poses a significant challenge for traditional security measures, particularly visual code reviews. Automated tooling capable of detecting zero-width Unicode characters is now critical for defense.
INCIDENT DETAILS -
TYPE
Supply Chain Attack
MOTIVATION
Token theftCredential harvestingSecret exfiltration
IMPACT
Data Compromised: Credentials, secrets, and sensitive dataGitHub repositoriesnpm packagesVS Code extensionsOperational Impact: Persistent remote access via hidden VNC servers and SOCKS proxiesBrand Reputation Impact: Potential damage to affected entities' reputationIdentity Theft Risk: High (due to credential harvesting)
DATA BREACH
CredentialsSecretsSensitive dataSensitivity Of Data: HighData Exfiltration: Yes
FEBRUARY 2026
748Before Incident
JANUARY 2026
748Before Incident
DECEMBER 2025
748Before Incident
NOVEMBER 2025
748Before Incident
OCTOBER 2025
748Before Incident
SEPTEMBER 2025
748Before Incident
AUGUST 2025
748Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Wasmer ?
?
What was Wasmer's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Wasmer's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Wasmer's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Wasmer ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Wasmer's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?