VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware,
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that’s under development to its users.
The extensions, named « ahban.shiba » and « ahban.cychelloworld, » have since been taken down by the marketplace maintainers.
Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a
The extensions, named « ahban.shiba » and « ahban.cychelloworld, » have since been taken down by the marketplace maintainers.
Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a
,
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that’s under development to its users.
The extensions, named « ahban.shiba » and « ahban.cychelloworld, » have since been taken down by the marketplace maintainers.
Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a
The extensions, named « ahban.shiba » and « ahban.cychelloworld, » have since been taken down by the marketplace maintainers.
Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a
, ,
https://thehackernews.com/2025/03/vscode-marketplace-removes-two.html