WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
XDA Developers on MSN

I tried VS Code's answer to Claude Code, Codex, and Google Antigravity and it blew my mind

My old editor learned new tricks ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access repositories.
Visual Studio Magazine

VS Code Is Latest Microsoft Dev Tooling Weaponized by Threat Actors

Cybersecurity threat actors keep leveraging Microsoft development tooling as attack vectors. The latest incident was reported this month by Cyble, with one of the key takeaways of its report being: ...
Memeburn

Hackers Steal 3,800 GitHub Repos Through Fake VS Code Extension

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...
Tech Times

VS Code Agents Hit Stable: Air-Gapped BYOK Unlocks Enterprise AI Coding

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...