Ad image

Tag: Visual Studio Code

CSBadmin

GitHub OAuth Token Theft via Malicious VSCode Webview Link

A single malicious link in VSCode's webview can trigger theft of GitHub OAuth tokens, bypassing cross-origin isolation protections in the…