Ransomware-Capable Extensions Found on Visual Studio Code Marketplace

Two extensions for Visual Studio Code capable of encrypting files and displaying a ransomware message have been discovered on the official marketplace of the editor. These extensions, which managed to go unnoticed, highlight a flaw in the verification process for extensions available on the platform. Specific technical details on how these extensions operate or which files they target have not been disclosed. The potential impact of this discovery is significant, as it reveals vulnerabilities in a tool widely used by developers.