One-Click Token Theft: Vulnerability in VS Code Web Edition Exposes GitHub Repositories
A critical security flaw in the browser-based version of VS Code allows attackers to exfiltrate GitHub OAuth tokens through a webview keyboard event leak.
Tag: advisory