A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. [...]
VS Code zero-day lets hackers steal GitHub tokens in one click
Résumé + lien vers la source. Sans paywall, sans tracking.