URL has been copied successfully!
1-Click GitHub Vulnerability Enables OAuth Token Theft
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

1-Click GitHub Vulnerability Enables OAuth Token Theft


Tags: , , , , , , ,

A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code (VSCode) webviews handle keyboard events and message passing, enabling a malicious repository to execute attacker-controlled actions inside the […] The post 1-Click GitHub Vulnerability Enables OAuth Token Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/1-click-github-vulnerability/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Cisco Firewall and VPN Zero Day Attacks: CVE-2025-20333 and CVE-2025-20362
  2. Top 5 real-world AI security threats revealed in 2025
  3. Software developers: Prime cyber targets and a rising risk vector for CISOs
  4. FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word