VS Code
Breaking
Technology
VS Code Zero-Day Exposes GitHub Tokens as Supply-Chain Attacks Breach 3,800 Internal Repositories
Unpatched OAuth vulnerability allows single-click credential theft while poisoned extension compromises GitHub's own infrastructure in 18 minutes.
Breaking
Technology
Nx Console VS Code Extension Compromised in Supply Chain Attack Targeting Developer Credentials
Malicious v18.95.0 harvested cloud secrets and SSH keys from enterprise development environments during 11-minute window on Microsoft Marketplace.