{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreih4kixsi2oajxrcshcjspx3enygi6kshldf73nnrzqp5px5zc2rdi",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mnfi6hw5std2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicp23agpu22y4htpmvs44uadtp654jkarbhkqkzb3vypdrw4qznsu"
    },
    "mimeType": "image/jpeg",
    "size": 363299
  },
  "path": "/2026/06/one-click-github-dev-attack-lets.html",
  "publishedAt": "2026-06-03T12:58:22.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token.\n\n\"Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,\" security researcher Ammar Askar said.\n\nGitHub supports a feature called GitHub.dev that runs as",
  "title": "One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens"
}