New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
Compare the Cloud

GitHub VSCode extension breach exposes developer toolchain as a primary attack surface

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by millions of developers daily. The incident is the latest in a pattern of ...