SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Morning Overview on MSN

Hackers just walked off with 3,800 of GitHub’s internal code repositories — smuggled out by a single poisoned plugin a GitHub developer trusted

Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
InfoWorld

Visual Studio Code enhances diff editor, GitHub interop

With VS Code 1.81, the diff editor includes several new features and bug fixes, and the new diff algorithm is enabled by default. Visual Studio Code 1.81, the latest release of Microsoft’s extensible ...
heise online

GitHub Copilot extended: Agent Mode and Copilot Edits available in VS Code

GitHub Copilot offers new features in VS Code. Agent Mode is now available. Project Padawan takes over routine tasks automatically. GitHub has introduced new extensions for its programming tool ...
Windows Report

Microsoft Adds Offline AI Support and Device Emulation to VS Code

Microsoft has released VS Code 1.122 with BYOK support without sign-in, mobile device emulation, and a new issue reporting ...