One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones," security researcher Ammar Askar said. GitHub supports a feature called GitHub.dev that runs as

The article describes a one-click attack path in Visual Studio Code's GitHub.dev integration that lets an attacker steal full GitHub OAuth tokens capable of read/write access to both public and private repositories.[1][2] This is achieved by tricking a developer into clicking a malicious link that abuses a VS Code webview/VS Code-for-web behavior, effectively compromising the integrity of source code and developer environments.[1][2] From a CyberSE.AI perspective, any AI-related codebases, prompt templates, model integration logic, or infrastructure-as-code stored in these repos become exposed, turning the development toolchain into an AI supply chain risk. Organizations should harden developer environments, inventory and monitor extensions and web-based IDE flows, and include VS Code/GitHub.dev in SBOM and supply chain threat modeling for AI systems.