Security researcher Ammar Askar disclosed a critical vulnerability in Visual Studio Code on June 2, 2026, revealing that attackers could steal GitHub OAuth tokens through a deceptively simple one-click attack. Microsoft shipped a stopgap fix the very next day, on June 3, a turnaround time that tells you everything about how seriously Redmond took this one.

The flaw targets GitHub.dev, the browser-based version of VS Code that millions of developers use to edit code directly in their browsers. An attacker exploiting this vulnerability could gain access to every repository tied to the victim’s compromised token, including private ones.

How the attack works

The vulnerability lives in VS Code’s webview system, the component responsible for rendering embedded web content inside the editor. Webviews communicate with the main VS Code process through a message-passing mechanism, and that’s where things get interesting.

The attack chain starts with a malicious link pointing to a GitHub.dev workspace. Inside that workspace sits a Jupyter notebook laced with harmful JavaScript. When a victim opens the link, the notebook’s code executes within the webview context.
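The message channel described above is what makes this class of bug dangerous: whatever runs inside the webview can post any message it likes, so the extension-host side has to treat each one as attacker-controlled input. The following is an added example written for this article, not code from VS Code, GitHub.dev, or the researcher's disclosure, and it does not reproduce the actual flaw. It models a host-side dispatcher with an allowlist of message types (the type names and sample messages are constructed), per-type payload validation, and a lookup that cannot be tricked with prototype keys. Credential-bearing operations are deliberately absent from the allowlist, so a webview that asks for a token simply gets refused.

```typescript
// Added example, not VS Code's or GitHub.dev's code. Models the host side of a
// webview message channel: the webview posts JSON messages, the host dispatches
// them. Every incoming message is treated as untrusted: unknown types are
// dropped, payloads are validated, and nothing credential-bearing is exposed.

type HostMessage = { type: string; payload?: unknown };

type Dispatch = { ok: true; result: string } | { ok: false; reason: string };

// Allowlisted message types, each with its own payload validation.
// The names are constructed for this example.
const handlers: Record<string, (payload: unknown) => string> = {
  'ui/ready': () => 'acknowledged',
  'notebook/save': (payload) => {
    if (typeof payload !== 'object' || payload === null) {
      throw new Error('payload must be an object');
    }
    const relPath = (payload as { path?: unknown }).path;
    // Only a relative path inside the workspace is acceptable.
    if (
      typeof relPath !== 'string' ||
      relPath.length === 0 ||
      relPath.startsWith('/') ||
      relPath.split('/').includes('..')
    ) {
      throw new Error('path must be a relative path inside the workspace');
    }
    return `saved ${relPath}`;
  },
};

// Parses and dispatches one raw message received from a webview.
function dispatchWebviewMessage(raw: unknown): Dispatch {
  // Structural check before any field is used.
  if (
    typeof raw !== 'object' ||
    raw === null ||
    typeof (raw as HostMessage).type !== 'string'
  ) {
    return { ok: false, reason: 'malformed message' };
  }
  const msg = raw as HostMessage;
  // Own-property lookup so 'constructor', '__proto__' etc. never match a handler.
  if (!Object.prototype.hasOwnProperty.call(handlers, msg.type)) {
    return { ok: false, reason: `unknown message type: ${msg.type}` };
  }
  try {
    return { ok: true, result: handlers[msg.type](msg.payload) };
  } catch (e) {
    return { ok: false, reason: (e as Error).message };
  }
}

// Constructed sample messages a webview might post, benign and hostile.
const samples: unknown[] = [
  { type: 'ui/ready' },
  { type: 'notebook/save', payload: { path: 'notes/demo.ipynb' } },
  { type: 'notebook/save', payload: { path: '../../.config/token' } },
  { type: 'auth/getToken' }, // not allowlisted: refused
  { type: 'constructor' },   // prototype key: refused
  'not an object',           // malformed: refused
];

for (const s of samples) {
  console.log(JSON.stringify(s), '->', JSON.stringify(dispatchWebviewMessage(s)));
}
```

The design choice worth noting is that the allowlist is the whole security boundary: rather than trying to detect hostile messages, the host enumerates the few operations a webview is allowed to request and validates their arguments, so a notebook running arbitrary JavaScript in the webview has no message it can send that yields a secret.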