Zero-Day in VS Code Jeopardizes GitHub Access Tokens5. June 2026CybersecurityAn unpatched zero-day in VS Code/github.dev enables theft of GitHub OAuth tokens via manipulated links, providing access to all private repositories of a victim. Share on: