Grive
February 27, 2025 at 05:01 PM
*VSCode Extensions Pulled Over Security Risks*

Microsoft has removed two widely used Visual Studio Code extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace due to security concerns. These extensions, developed by Mattia Astorino (known as 'equinusocio'), had amassed nearly 9 million downloads before their removal. Users of these extensions have been notified within VSCode that the extensions have been automatically disabled.

The action was prompted by cybersecurity researchers Amit Assaraf and Itay Kruk, who identified suspicious code within the extensions and reported their findings to Microsoft. Following an internal investigation, Microsoft confirmed the presence of malicious code, leading to the removal of all extensions published by Astorino from the marketplace.

This incident highlights ongoing concerns about the security of VSCode extensions. Previous research has uncovered numerous extensions with potential security risks, including known malicious code, hardcoded IP addresses, execution of unknown executables, and instances of copycat behavior. Developers and users are advised to exercise caution when installing extensions and to regularly review and update their tools to maintain a secure development environment.

*Source:* https://www.bleepingcomputer.com/news/security/vscode-extensions-with-9-million-installs-pulled-over-security-risks/
