Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
Memeburn

Hackers Steal 3,800 GitHub Repos Through Fake VS Code Extension

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
GIGAZINE

GitHub's internal information was leaked, resulting in unauthorized access to approximately ...

On May 20, 2026, GitHub announced that employee devices had been compromised by a 'VS Code extension containing malicious code,' resulting in data from internal GitHub repositories being transmitted ...
Visual Studio Magazine

GitHub Expands Copilot Enterprise Search in Visual Studio and VS Code

GitHub supercharged search for its Copilot Enterprise AI assistant in both Microsoft's Visual Studio IDE and Visual Studio Code so developers can now get results from well beyond local codebases, ...
Guru3D.com

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments. According to published ...