Wednesday, 3 June 2026

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

iT4iNT SERVER Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token.

"Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones," security researcher Ammar Askar said.

GitHub supports a feature called GitHub.dev that runs as VDS VPS Cloud


http://dlvr.it/TSs46V
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

iT4iNT SERVER A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email cre...