Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

Aug 28, 2025

Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions.
Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named “ahbanC.shiba” that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

Free Network Consultation
||
Free IT Buyers Guide
||
Limited Time Only

CONTACT US

We are always ready to help you

Get Free Report & Network Analysis

Please check your email for the free report.