Cybersecurity researchers have disclosed a one-click attack
via Microsoft Visual Studio Code (VS Code) that makes it possible
to steal a user's GitHub token. "Just by clicking a link, it's
possible for an attacker to steal a GitHub token that can read and
write to your repos, including private ones," security researcher
Ammar Askar said. GitHub supports a feature called GitHub.dev that
runs as
Read more https://thehackernews.com/2026/06/one-click-github-dev-attack-lets.html
