Tagged articles
Black & White Path
Jun 3, 2026 · Information Security

Stealing GitHub Tokens via a One‑Click VSCode WebView Exploit

The article details how a VSCode WebView vulnerability lets an attacker capture the OAuth token issued to github.dev, use keyboard‑event relay to install a malicious extension, and ultimately gain read‑write access to all of a victim’s private GitHub repositories. It also provides a PoC and mitigation steps.

Tags: Extension, GitHub token, OAuth