Visual Studio Code VS Code token-theft zero-day security flaw
Vulnerability
Summary
Hide ▲
Show ▼
A Visual Studio Code (VS Code) zero-day lets attackers steal GitHub OAuth tokens by abusing the editor's sandboxed webview message-passing system. The flaw is especially risky for github.dev users because a malicious link can install an extension that runs JavaScript, simulates keypresses, and extracts the token. With that token, an attacker can query the GitHub API and enumerate private repositories the victim can access. The vulnerability is unpatched and has no CVE ID yet.
Related Happenings
Cursor Windows repo-root git.exe code execution security flaw
Vulnerability
H score9
First: 15.07.2026 13:55
Last: 15.07.2026 13:55
Sources 1
About this happening:
Cursor on Windows automatically runs a repo-root git.exe when a repository is opened, creating arbitrary code execution as the logged-in user. The flaw affects cloned...
Cursor Windows repo-root git.exe code execution security flaw
VulnerabilityAbout this happening: Cursor on Windows automatically runs a repo-root git.exe when a repository is opened, creating arbitrary code execution as the logged-in user. The flaw affects cloned...
GitHub Agentic Workflows indirect prompt injection security flaw
Vulnerability
H score27
First: 07.07.2026 17:04
Last: 07.07.2026 17:04
Sources 1
About this happening:
GitHub Agentic Workflows has an indirect prompt injection flaw that can let a public issue leak content from private repositories into public comments. The risk is...
GitHub Agentic Workflows indirect prompt injection security flaw
VulnerabilityAbout this happening: GitHub Agentic Workflows has an indirect prompt injection flaw that can let a public issue leak content from private repositories into public comments. The risk is...
Claude Code GitHub Action bot trigger bypass security flaw
Vulnerability
H score31
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
Anthropic's Claude Code GitHub Action had a trigger-check bypass that let a malicious GitHub issue escalate into repository takeover for vulnerable public reposito...
Claude Code GitHub Action bot trigger bypass security flaw
VulnerabilityAbout this happening: Anthropic's Claude Code GitHub Action had a trigger-check bypass that let a malicious GitHub issue escalate into repository takeover for vulnerable public reposito...
Miasma GitHub and npm supply-chain campaign
Campaign
H score26
First: 02.06.2026 00:38
Last: 02.06.2026 00:38
Sources 1
About this happening:
Miasma is a supply-chain campaign that began in Red Hat's @redhat-cloud-services npm namespace and later expanded across npm, PyPI, the Go ecosystem, and Git...
Miasma GitHub and npm supply-chain campaign
CampaignAbout this happening: Miasma is a supply-chain campaign that began in Red Hat's @redhat-cloud-services npm namespace and later expanded across npm, PyPI, the Go ecosystem, and Git...
Latest development: 05.06.2026 21:05
A new Miasma wave is linked to 57 compromised npm packages across more than 286 malicious versions, with malicious installs abusing a 157-byte binding.gyp file for code execution during npm install and then staging additional payloads that inject persistent backdoor files into project repositories and target AI-assisted IDE workflows.
Malware-Slop malicious npm file-theft campaign
Campaign
H score39
First: 27.05.2026 18:44
Last: 27.05.2026 18:44
Sources 1
About this happening:
Malware-Slop is distributing mouse5212-super-formatter, a malicious npm package that steals local files from Anthropic's Claude workspace directory /mnt/user-dat...
Malware-Slop malicious npm file-theft campaign
CampaignAbout this happening: Malware-Slop is distributing mouse5212-super-formatter, a malicious npm package that steals local files from Anthropic's Claude workspace directory /mnt/user-dat...
Timeline
-
03.06.2026 15:58 1 articles · 1mo ago
Microsoft acknowledges VS Code GitHub.dev token-theft flaw
Mitigation Patch UpdateMicrosoft has acknowledged a Visual Studio Code vulnerability that can let an attacker use a crafted link and malicious webview message-passing to steal a victim's GitHub OAuth token via GitHub.dev, and said it is working on a fix; Microsoft also said the issue does not affect VS Code Desktop.
Show sources
- One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens — thehackernews.com — 03.06.2026 15:58
-
03.06.2026 09:50 2 articles · 1mo ago
VS Code zero-day exploit code steals GitHub OAuth tokens
Initial DisclosureA security researcher releases exploit code for a Visual Studio Code zero-day that steals GitHub authentication tokens when a user clicks a crafted link, abusing VS Code's sandboxed webview message-passing system to run malicious JavaScript, simulate keypresses, install an extension, and extract GitHub OAuth tokens passed to github.dev so the attacker can enumerate private repositories the victim can access. The flaw is unpatched and has not been assigned a CVE ID yet.
Show sources
- VS Code zero-day lets hackers steal GitHub tokens in one click — www.bleepingcomputer.com — 03.06.2026 09:50
- VS Code zero-day lets hackers steal GitHub tokens in one click — www.bleepingcomputer.com — 03.06.2026 09:50