Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times.

Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly pulled them and notifies users The developer criticized Microsoft's move, saying they were never ...

Two malicious VSCode Marketplace extensions were found deploying in-development ransomware from a remote server, exposing critical gaps in Microsoft's review process.

It has been reported that an extension that distributes ransomware has been published on the Visual Studio Code Marketplace , a web store for VSCode extensions.

Sideloaded extensions are particularly vulnerable After confirming the behavior on VSCode, OX extended their investigation to other platforms, including Visual Studio, IntelliJ IDEA, and Cursor.