Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Memeburn

Hackers Steal 3,800 GitHub Repos Through Fake VS Code Extension

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...
MSN による配信

GitHubの内部情報が流出、Visual Studio Codeの拡張機能経由で約3800の ...

GitHubは2026年5月20日、GitHubの従業員端末が「悪意のあるコードが仕込まれたVS Code拡張機能」によって侵害され、GitHub内部リポジトリのデータが外部に送信されたと発表しました。攻撃者側は約3800件のリポジトリにアクセスしたと主張しており、GitHubは「攻撃 ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Guru3D.com

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments. According to published ...