A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

An archive of roughly 4,000 repositories is reportedly being offered for sale on the dark web, by threat actors known as ...

GitHubは2026年5月20日、GitHubの従業員端末が「悪意のあるコードが仕込まれたVS Code拡張機能」によって侵害され、GitHub内部リポジトリのデータが外部に送信されたと発表しました。攻撃者側は約3800件のリポジトリにアクセスしたと主張しており、GitHubは「攻撃者側の主張はおおむね調査内容と一致している」と説明しています。

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...

India, May 21 -- GitHub has confirmed a major data breach affecting approximately 3,800 internal code repositories after a ...