VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
XDA Developers on MSN
A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain
Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results