Bleeping Computer

Malicious Microsoft VSCode extensions target devs, crypto community

Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain ...
TechRadar

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

Malicious VS Code extension ‘susvsex’ acted as ransomware and used GitHub for command control Extension appeared AI-generated, with embedded decryption keys and suspicious metadata Microsoft removed ...