Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
TechJuice

GitHub Internal Repositories Breached Through Supply Chain Cyberattack

GitHub internal repositories breached via malicious VS Code extension; TeamPCP demands $50K for 3,800 stolen repos May 2026.
Hosted on MSN

VS Code update sparks backlash over default Copilot commit tags

Microsoft’s Visual Studio Code 1.118 has drawn sharp criticism for automatically adding a “Co-Authored-by: Copilot” tag to Git commits by default, even for some users not actively using Copilot. The ...