The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Visual Studio Magazine

VS Code 1.122 Lets BYOK Work Without GitHub Sign-In

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.

And Now I’ve Vibe-Coded a Native Windows 11 App ⭐

The Build 2026 keynote was overly-long, in keeping with tradition. But there was some good news for Windows developers too.
How-To Geek on MSN

Stop wasting keystrokes: VS Code's command palette is faster than you think

Your VS Code workflow is probably slower than it needs to be, but if you use the Command Palette you'll be faster.