https://www.bleepingcomputer.com/news/security/vscode-extensions-found-downloading-early-stage-ransomware/

Two malicious VSCode Marketplace extensions were found deploying in-development ransomware, exposing critical gaps in Microsoft's review process.

The extensions, named "ahban.shiba" and "ahban.cychelloworld," were downloaded seven and eight times, respectively, before they were eventually removed from the store.