Malicious VSCode Extensions Found Deploying Ransomware

Two malicious extensions on the VSCode Marketplace were discovered deploying ransomware in development from a remote server, revealing critical flaws in Microsoft's review process. The extensions downloaded the ransomware from an external server, exposing users to significant risks. This discovery highlights vulnerabilities in the security of VSCode extensions, underscoring the need for increased vigilance.