Cybersecurity researchers have disclosed a one-click attack through Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token.
“Just by clicking a link, it is possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said.
GitHub supports a feature called GitHub.dev that runs as a lightweight web-based source code editor within the web browser's sandbox by launching a VS Code environment. It allows users to send pull requests and make commits.
“This functionality is achieved by github.com POSTing over an OAuth token to github.dev that allows it to interact with GitHub on your behalf,” Askar said. “The token isn't scoped to the specific repo you interacted with, meaning it has full access to every other repo that you have access to.”
In a nutshell, the vulnerability allows attackers to install malicious VS Code extensions that steal GitHub OAuth tokens when they're passed to GitHub.dev by exploiting a message-passing mechanism between the main VS Code window and webviews. Webviews are used to render Markdown previews or edit Jupyter notebooks.
Specifically, the exploit runs malicious JavaScript inside an untrusted webview to simulate keypresses (aka keydown events) in the main editor window, open the Command Palette by triggering “Ctrl+Shift+P,” and install an attacker-controlled extension that extracts the GitHub OAuth token sent to GitHub.dev and queries the GitHub API to enumerate all private repositories the victim can access.
It's worth noting the technique also leverages a VS Code feature called local workspace extensions that allows an extension to be installed directly without presenting any additional trust dialog prompt as long as it's placed within the “.vscode/extensions” folder inside that workspace, effectively bypassing the publisher trust check.
“This is just a small hiccup though, one of the things that extensions can do as part of their package.json is to contribute additional keybindings to VS Code,” the researcher explained. “Since we can reliably trigger keybindings, we can simply add a keybind for whatever VS Code command we want, such as installing an extension while skipping the trusted publisher check.”
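The two ingredients above, a `.vscode/extensions` folder that loads without a trust prompt and a `package.json` that contributes keybindings, are both visible in the repository before anyone opens it. The following audit script is an added example (not code from the researcher or from VS Code) that walks a workspace, lists every local workspace extension and the keybindings its manifest contributes, so a reviewer can inspect them before opening an untrusted repo in a browser-based editor; the sample workspace it builds is constructed for the demo, and the extension name and command id in it are placeholders.

```python
import json
import tempfile
from pathlib import Path

# Folder the article describes: extensions placed here are loaded as
# local workspace extensions without the publisher-trust prompt.
WORKSPACE_EXT_DIR = Path(".vscode") / "extensions"


def audit_workspace_extensions(workspace: str) -> list:
    """Return one finding per local workspace extension, listing the
    keybindings its package.json contributes (contributes.keybindings)."""
    findings = []
    ext_root = Path(workspace) / WORKSPACE_EXT_DIR
    if not ext_root.is_dir():
        return findings
    for manifest in sorted(ext_root.glob("*/package.json")):
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            # An unparsable manifest still deserves a look, so report it.
            findings.append({"extension": manifest.parent.name,
                             "keybindings": [], "unparsable": True})
            continue
        contributes = pkg.get("contributes") or {}
        bindings = contributes.get("keybindings") or []
        if isinstance(bindings, dict):  # a single binding may be an object
            bindings = [bindings]
        findings.append({
            "extension": manifest.parent.name,
            "keybindings": [(b.get("key"), b.get("command"))
                            for b in bindings if isinstance(b, dict)],
            "unparsable": False,
        })
    return findings


def build_sample_workspace() -> str:
    """Construct a throwaway workspace with one local extension whose
    manifest contributes a keybinding (sample data, placeholder names)."""
    root = tempfile.mkdtemp()
    ext = Path(root) / WORKSPACE_EXT_DIR / "sample-ext"
    ext.mkdir(parents=True)
    manifest = {"name": "sample-ext", "publisher": "unknown", "version": "0.0.1",
                "contributes": {"keybindings": [
                    {"key": "ctrl+alt+k", "command": "sample.doSomething"}]}}
    (ext / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    for finding in audit_workspace_extensions(build_sample_workspace()):
        print(finding)
```

Any keybinding contributed by an extension that ships inside the workspace itself is worth treating as a finding, since nothing on the publisher side vouched for it.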
The researcher also noted GitHub was notified of the vulnerability on June 2, 2026, an hour after which details of the issue were made public knowledge, citing Microsoft's handling of VS Code-related bugs in the past. As of writing, Microsoft has acknowledged the vulnerability and noted that it's working on a fix.
“To clarify, this issue does not affect VS Code Desktop,” Alexandru Dima, a partner software engineering manager at Microsoft, said.