Ransomware cyber

Microsoft

Mar 21, 2025 1 min read
Microsoft

The VSCode Marketplace, operated by Microsoft, suffered a security lapse when two extensions embedding in-development ransomware bypassed the review process. These extensions, downloaded by a handful of users, aimed to encrypt files within a specific test folder and demanded a ransom in ShibaCoin. While the impact was minimal due to the ransomware's limited scope, it revealed significant gaps in Microsoft's review system. This incident sheds light on potential vulnerabilities within widely used developer platforms and highlights the importance of stringent security measures to prevent such breaches.

Source: https://www.bleepingcomputer.com/news/security/vscode-extensions-found-downloading-early-stage-ransomware/

"id": "mic613032125",
"linkid": "microsoft",
"type": "Ransomware",
"date": "3/2025",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.