Back to the feed

Devtools Open source

VSCode vulnerability allows one-click GitHub token theft

Hacker News·6d·ammar2

A security researcher discovered a bug in VSCode that lets attackers steal GitHub tokens with minimal user interaction. The vulnerability highlights how even trusted development tools can become attack vectors—a sobering reminder for indie developers to scrutinize extensions and keep their editors patched.

Share𝕏 Reddit

Original story

Read the original on Hacker News

Related stories

Vivix lets you watch JavaScript execute step-by-step in the browser

Devtools

Vivix lets you watch JavaScript execute step-by-step in the browser

Hacker News Show HN·6d·hlude

Edsger brings a Clojure REPL to reMarkable 2 tablets

Devtools

Edsger brings a Clojure REPL to reMarkable 2 tablets

Hacker News·6d·nathell

Devtools

Capstone: Open-source disassembly framework crosses platforms and architectures

Hacker News·6d·gregsadetsky

Open Repair Data Standard aims to unify how repair shops track fixes

Devtools

Open Repair Data Standard aims to unify how repair shops track fixes

Hacker News·6d·cassepipe