HIGH

VS Code Vulnerability Allows One-Click GitHub Token Theft

SecurityWeek • Jun 04, 2026

MEDIUM

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

The Register Security • Jun 03, 2026

HIGH

GitHub internal repositories breached

Sophos News • May 20, 2026

HIGH

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

Help Net Security • May 21, 2026

HIGH

GitHub ~3,800 internal repos compromised through a malicious VS Code extension

Reddit r/netsec • May 21, 2026

MEDIUM

GitHub says internal repositories were taken in poisoned VS Code extension attack

CyberScoop • May 20, 2026

HIGH

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

SC Media • Apr 28, 2026

MEDIUM

New ‘StoatWaffle’ malware auto‑executes attacks on developers

CSO Online • Mar 24, 2026

INFO

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

The Hacker News • Feb 04, 2026