Jun 42026 One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
