GitHub Token Stealing Bug Found In VSCode
A vulnerability in VSCode allows for one-click GitHub token stealing, according to a report. The bug is associated with a Chrome extension named DEEP WHATS, which has a high cybersecurity badness score.
Topics
Developing
- 883d Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore.
- 883d Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
- 883d Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est.
- 883d Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium.
Sources · 7 independent
Mastodon
“1-Click GitHub Token Stealing via a VSCode Bughttps://blog.ammaraskar.com/github-token-stealing/#HackerNews #GitHub #Token #Stealing #VSCode #Bug #Cybersecurity #DeveloperNews #Vulnerability #chrome extension DEEP WHATS seems malicious.”
Unlock the full story
Get a Pro subscription or above to see the live story progression and the full list of independent sources confirming each event as they happen.
Log in to upgrade