The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Bleeping Computer

Here's how a researcher broke into Microsoft VS Code's GitHub

This month a researcher has disclosed how he broke into the official GitHub repository of Microsoft Visual Studio Code. A vulnerability in VS Code's issue management function and a lack of ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
heise online

GitHub Copilot extended: Agent Mode and Copilot Edits available in VS Code

GitHub Copilot offers new features in VS Code. Agent Mode is now available. Project Padawan takes over routine tasks automatically. GitHub has introduced new extensions for its programming tool ...