Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Morning Overview on MSN

Hackers just walked off with 3,800 of GitHub’s internal code repositories — smuggled out by a single poisoned plugin a GitHub developer trusted

Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin in Microsoft’s marketplace. It wasn’t. That single installation gave ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

Visual Studio finally gets long-awaited feature that developers will love

Microsoft finally delivers a Visual Studio feature developers have been requesting for years, eliminating a long-standing ...
Visual Studio Magazine

GitHub Expands Copilot Enterprise Search in Visual Studio and VS Code

GitHub supercharged search for its Copilot Enterprise AI assistant in both Microsoft's Visual Studio IDE and Visual Studio Code so developers can now get results from well beyond local codebases, ...

Are designers the new SWEs? Figma Make's new two-way GitHub integration turns designs into live, production code — with built-in governance

From an enterprise governance perspective, this means visual AI edits are subject to the exact same continuous integration ...