VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware

2025-03-24 11:10

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The extensions, named "ahban.shiba" and "ahban.cychelloworld," have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that's designed to invoke a

News URL

https://thehackernews.com/2025/03/vscode-marketplace-removes-two.html

#marketplace #ransomware