TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

By rooter

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token.

“Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said.

GitHub supports a feature called GitHub.dev that runs as

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Malicious Notifications Could Trick Google Gemini Users

rooter
Cyber Security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

rooter
Cyber Security

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

rooter

Leave a Reply

You Missed

News

Hell Yeah, It’s Another Patricia Episode on ‘Widow’s Bay’

News

SwitchBot’s Weather Station Sounds Like the E Ink Smart Display of My Dreams

News

SpaceX’s Next Big Business Could Be Building Stuff in Space

News

‘Star Trek: Strange New Worlds’ Season Four Teases Battles With ‘Inner Demons’