Storia in 4 fonti

Security Researcher Discloses VS Code Zero-Day After Microsoft Disclosure Process Breakdown

Introduction: The Breakdown of Trust The recent public disclosure of a zero-day...

Raccontata da

Confronto fonti

4 prospettive sulla stessa storia

AI · summaries

dev.toStai leggendo20 h fa

Security Researcher Discloses VS Code Zero-Day After Microsoft Disclosure Process Breakdown

Introduction: The Breakdown of Trust The recent public disclosure of a zero-day...

originale

bleepingcomputer.com2 g fa

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link.

Leggi questa versione → originale

infoworld.com2 g fa

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its publication they should notify vendors about a bug.

Leggi questa versione → originale

theregister.com1 g fa

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

Researcher disclosed VS Code OAuth-theft exploit within one hour, citing frustration with Microsoft MSRC's handling of prior reports. Unscoped tokens in cloud IDEs create supply-chain risk; teams must patch as the now-public exploit becomes weaponizable.

Leggi questa versione → originale

Timeline cronologica

mercoledì 3 giugno 2026·infoworld.com
Hole in GitHub’s browser-based VSCode editor could lead to stolen token
Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its publication they should notify vendors about a bug.
mercoledì 3 giugno 2026·bleepingcomputer.com
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking…
mercoledì 3 giugno 2026·theregister.com
Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures
Researchers follow in Nightmare Eclipse’s footsteps, flipping off Redmond in favor of insta-leaks
giovedì 4 giugno 2026·dev.to
Security Researcher Discloses VS Code Zero-Day After Microsoft Disclosure Process Breakdown
Introduction: The Breakdown of Trust The recent public disclosure of a zero-day...