The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
InfoWorld

Intro to VSCode.dev: The IDE in your browser

Welcome to the brave new world of modern, remote development in your browser. Let's get started with VSCode.dev. The fully realized browser-based IDE has been a long time coming. Ever since the ...
InfoWorld

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its ...