A zero-day vulnerability in Visual Studio Code (VS Code) has been discovered that lets attackers steal GitHub authentication tokens with a single click. The exploit works by deceiving users into clicking a malicious link, which then compromises their GitHub credentials. The vulnerability is particularly concerning because it is being actively exploited and defenders have no patch to mitigate it. The exploit code has been publicly released, allowing potential attackers to leverage the vulnerability [1]. That token theft takes only a single click underscores the severity of the issue. For practitioners, this zero-day highlights the need for swift action to secure VS Code and GitHub accounts, because the absence of a patch leaves users exposed to token theft.
VS Code zero-day lets hackers steal GitHub tokens in one click
⚠️ Critical Alert
Why This Matters
Zero-day exploitation means the vulnerability is being used before patches exist — defenders are already behind.
References
- BleepingComputer. (2026, June 3). VS Code zero-day lets hackers steal GitHub tokens in one click. BleepingComputer. https://www.bleepingcomputer.com/news/security/vs-code-zero-day-lets-hackers-steal-github-tokens-in-one-click/
Original Source
BleepingComputer