|
|
|
|
|
|
by domh
2 days ago
|
|
|
Web-based IDEs like VSCode on github just had a 1-click github token stealing vulnerability: https://blog.ammaraskar.com/github-token-stealing/ You could argue this is probably on GitHub for creating a token here that gives blanket access to all repos vs a scoped token for just the repo. |
|
|