One-click github.dev exploit steals full GitHub OAuth tokens
A one-click attack on github.dev can install a malicious VS Code extension and steal a full GitHub OAuth token, giving read/write access to all repositories a user can access.
A one-click exploit in the browser-based editor github.dev can install a malicious Visual Studio Code extension and steal the full OAuth token that github.com POSTs to github.dev. An attacker with that token can read and write to every repository the user can access, including private repositories.
Security researcher Ammar Askar described the chain of events. github.dev launches a lightweight VS Code environment in the browser and receives an OAuth token so it can create commits and open pull requests on a user’s behalf. The token is not limited to the single repository the user opened; it can be used for any repository the user can access.
Askar demonstrated that a malicious webview — the same component used to render Markdown previews and edit notebooks — can run JavaScript that simulates keydown events in the main editor window. The simulated keys can open the Command Palette with the Ctrl+Shift+P shortcut and trigger commands to install an attacker-controlled extension.
The exploit also uses VS Code’s local workspace extensions feature. An extension placed in a workspace’s .vscode/extensions folder can be installed without the normal publisher trust prompt, allowing the attacker to bypass the trusted publisher check. Once installed, the extension can read the OAuth token passed to github.dev and call the GitHub API to enumerate and interact with all repositories the token permits.
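As an added defensive check (not code from the article, from GitHub or from Microsoft), the script below lists any extension manifests bundled under a checkout's .vscode/extensions directory so an untrusted repository can be reviewed before it is opened in github.dev; the manifest field names and the "auto-activates" heuristic are assumptions based on the standard VS Code extension manifest format.

```python
"""Audit a repository checkout for workspace-bundled VS Code extensions.

Workspace extensions live under .vscode/extensions/<ext>/package.json and,
as described above, can be installed without the publisher-trust prompt.
"""
import json
import tempfile
from pathlib import Path

# Activation events that fire without any user action (assumed heuristic).
AUTO_ACTIVATION = {"*", "onStartupFinished"}


def find_workspace_extensions(root):
    """Return one dict per manifest found under any .vscode/extensions directory."""
    root = Path(root)
    findings = []
    for manifest in sorted(root.glob("**/.vscode/extensions/*/package.json")):
        rel = manifest.relative_to(root).as_posix()
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            findings.append({"path": rel, "error": "unreadable manifest"})
            continue
        events = data.get("activationEvents", [])
        findings.append({
            "path": rel,
            "id": f"{data.get('publisher', '?')}.{data.get('name', '?')}",
            # Web extensions declare a "browser" entry point; desktop ones use "main".
            "entry": data.get("browser") or data.get("main"),
            "auto_activates": any(e in AUTO_ACTIVATION for e in events),
        })
    return findings


def demo():
    """Build a constructed checkout with one bundled extension and audit it."""
    base = Path(tempfile.mkdtemp())
    ext_dir = base / ".vscode" / "extensions" / "helper"
    ext_dir.mkdir(parents=True)
    # Constructed sample manifest; not taken from any real extension.
    (ext_dir / "package.json").write_text(json.dumps({
        "name": "helper", "publisher": "unknown-publisher", "version": "0.0.1",
        "browser": "./dist/web.js", "activationEvents": ["onStartupFinished"],
    }), encoding="utf-8")
    (base / "README.md").write_text("ordinary file\n", encoding="utf-8")
    return find_workspace_extensions(base)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Run it against a freshly cloned repository root instead of the constructed checkout to see what a real review would surface.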
Ammar Askar warned: “Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones.”
Askar notified GitHub and Microsoft on June 2, 2026, and reported that the details were made public about an hour after his report. Microsoft has acknowledged the vulnerability and is working on a fix.
Alexandru Dima, a partner software engineering manager at Microsoft, responded: “To clarify, this issue does not affect VS Code Desktop.”
The vulnerability stems from how the browser-based VS Code environment passes messages between the main window and webviews and how simulated key events are handled. The exploit sequence can run after a user clicks a link or opens content that triggers an untrusted webview, without presenting additional prompts. Microsoft’s forthcoming remedy will need to address webview message handling and the conditions that permit silent local extension installation to prevent token theft and unauthorized repository access.