Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
08.11.2025
971
AI-created VS Code malware and fake npm packages reveal how attackers exploit open-source trust.
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
AI-created VS Code malware and fake npm packages reveal how attackers exploit open-source trust.
Y'all better check your VS Code extensions — researchers just uncovered a malicious extension that's literally vibe-coded by AI and comes with built-in ransomware capabilities. This isn't your grandma's malware — it's sophisticated enough to make your dev environment its personal hostage situation.
The attack chain is wild: fake npm packages serving as the initial infection vector, then deploying this malicious VS Code extension that can encrypt your files and demand ransom. They're weaponizing the very trust we place in open-source ecosystems.
This is the new face of supply chain attacks — AI-generated code that blends right in with legitimate packages, making detection a nightmare for traditional security tools. The extension was specifically designed to bypass standard security checks while maintaining full ransomware functionality.
- • AI-generated malicious VS Code extension discovered
- • Built-in ransomware capabilities for file encryption
- • Distributed through fake npm packages in supply chain attack
- • Exploits trust in open-source ecosystems
- • Bypasses traditional security detection methods
#VS Code extensions#supply chain attacks#malware#ransomware#Artificial Intelligence
Got a topic? Write to ATLA WIRE on Telegram:t.me/atla_community
