One Click GitHub Dev Vulnerability Exposes Full GitHub OAuth Tokens To Attackers

Cybersecurity researchers have disclosed details of a newly identified one-click attack involving Microsoft Visual Studio Code and GitHub.dev that could enable attackers to steal GitHub OAuth tokens capable of accessing private repositories. According to security researcher Ammar Askar, the vulnerability can be triggered simply by convincing a victim to click a malicious link, potentially allowing threat actors to obtain tokens with read and write permissions across the repositories that the targeted user can access. The issue specifically affects GitHub.dev, GitHub’s lightweight browser-based source code editing environment powered by a Visual Studio Code interface, while Microsoft has clarified that the desktop version of Visual Studio Code remains unaffected.

GitHub.dev provides developers with a browser-based coding environment that enables source code editing, pull request management, and commits without requiring a local desktop application. To enable this functionality, GitHub transfers an OAuth token to GitHub.dev, allowing the web-based environment to interact with repositories on behalf of the user. Researchers explained that the concern stems from the token’s broad permissions: it is not limited to the repository originally opened by the developer and may provide access to all repositories linked to the account, including private ones. According to Askar, attackers can exploit weaknesses in the communication between the main VS Code browser window and embedded webviews to install malicious extensions capable of stealing the OAuth token once it is transmitted to GitHub.dev.

The attack reportedly abuses webviews, components commonly used within Visual Studio Code to render markdown previews or to support notebook editing environments such as Jupyter. Researchers explained that malicious JavaScript running within an untrusted webview can simulate keyboard interactions, including keydown events, to open the Visual Studio Code Command Palette through shortcut combinations and trigger the installation of attacker-controlled extensions. Once installed, the malicious extension may extract the GitHub OAuth token and query GitHub’s application programming interface to enumerate all repositories available to the compromised account. Researchers also pointed to the exploitation of a Visual Studio Code feature known as local workspace extensions, which permits extensions placed within a specific “.vscode/extensions” folder to install directly without additional trust prompts. This behavior reportedly allows attackers to bypass the publisher verification safeguards that would normally alert users before an extension is installed.

According to the disclosure timeline shared by Askar, GitHub was informed of the vulnerability on June 2, 2026, with public details emerging roughly an hour later due to concerns regarding the handling of previous Visual Studio Code-related vulnerabilities. Researchers further explained that attackers may bypass trusted publisher checks by abusing customizable keyboard shortcuts included in extension package configurations, enabling malicious commands to execute without raising additional warnings. Microsoft has acknowledged the reported issue and stated that efforts are underway to develop a fix for the vulnerability. While remediation work continues, developers using GitHub.dev may want to scrutinize extension behavior and link interactions more closely, particularly in browser-based coding environments where authentication tokens hold broad repository permissions.
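The two details above that a defender can check for ahead of time are a repository that ships its own extensions under “.vscode/extensions” and an extension manifest that contributes keyboard shortcuts. The following scanner is an added example, not code from the article, from GitHub or from Microsoft; it assumes the local-workspace-extension layout `.vscode/extensions/<ext>/package.json` and the standard VS Code manifest fields `publisher`, `activationEvents` and `contributes.keybindings`, and it builds its own constructed sample checkout so it runs offline.

```python
"""Flag repository checkouts that bundle local workspace extensions.

Added example (not from the article, GitHub or Microsoft). Assumes the
layout .vscode/extensions/<ext>/package.json and the standard VS Code
manifest fields publisher, activationEvents and contributes.keybindings.
"""
import json
import tempfile
from pathlib import Path


def scan_workspace(root):
    """Return one finding per extension manifest under .vscode/extensions."""
    findings = []
    ext_dir = Path(root) / ".vscode" / "extensions"
    if not ext_dir.is_dir():
        return findings  # nothing bundled: the common, benign case
    for manifest in sorted(ext_dir.glob("*/package.json")):
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            pkg = {}  # unreadable manifest is still reported below
        contributes = pkg.get("contributes") or {}
        keybindings = contributes.get("keybindings") or []
        activation = pkg.get("activationEvents") or []
        findings.append({
            "path": str(manifest.relative_to(root)),
            "publisher": pkg.get("publisher", "<missing>"),
            "name": pkg.get("name", "<missing>"),
            "keybindings": len(keybindings),
            # "*" activates the extension as soon as the workspace opens
            "eager_activation": "*" in activation,
            "risk": "high" if keybindings or "*" in activation else "review",
        })
    return findings


def _demo_workspace():
    """Constructed sample checkout: one bundled extension with a keybinding."""
    root = tempfile.mkdtemp()
    ext = Path(root) / ".vscode" / "extensions" / "sample-ext"
    ext.mkdir(parents=True)
    manifest = {  # constructed manifest, not a real extension
        "name": "sample-ext", "publisher": "unknown-publisher",
        "activationEvents": ["*"],
        "contributes": {"keybindings": [{"command": "sample.run", "key": "ctrl+k"}]},
    }
    (ext / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    for finding in scan_workspace(_demo_workspace()):
        print(finding)
```

Run it against a fresh clone before opening the repository in an editor; any finding at all means the checkout can install extensions without the usual publisher prompt.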
