SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.