Back to the feed

Devtools Open source

VSCode bug exposes GitHub tokens to one-click theft

Hacker News·6d·ammar2

A vulnerability in Visual Studio Code allows attackers to steal GitHub authentication tokens through a single click, bypassing typical security boundaries. For developers using VSCode, this highlights the risk of token exposure in everyday tools—and underscores why credential management and editor security matter as much as application-level defenses.

Share𝕏 Reddit

Original story

Read the original on Hacker News

Related stories

⬢ HYVE SPOTLIGHT

HYVE Ether OS goes on pre-sale: a $499 sovereign AI operating system you actually own

Vibe Software Solutions·1d·Anthony S. Owens

claude-handoff-revive lets you resume Claude Code sessions without re-explaining everything

AI

claude-handoff-revive lets you resume Claude Code sessions without re-explaining everything

Hacker News Show HN·1w·sofumel

Zorilla lets you vibe-code a 3D game directly in the browser

Devtools

Zorilla lets you vibe-code a 3D game directly in the browser

Hacker News Show HN·1w·algera

AI

Approve Claude CLI prompts remotely via browser or mobile

Hacker News Show HN·1w·Witness327