A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Morning Overview on MSNOpinion
Hackers just walked off with 3,800 of GitHub’s internal code repositories — smuggled out by a single poisoned plugin a GitHub developer trusted
Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results