Tag: oauth token theft

2 articles

Person sitting at laptop in modern workspace with code on nearby monitor.

Bug Hunter Exposes Microsoft VS Code Flaw in Protest of Disclosure Handling

A bug hunter's frustrating experience with Microsoft's disclosure process sparked a protest, as Ammar Askar publicly exposed a VS Code flaw that could allow attackers to steal OAuth tokens and access GitHub repositories. Askar's proof-of-concept exploit highlights the vulnerability, which was previously mishandled by Microsoft's security response team.

Analyst 207Jun 3, 2026

Shattered robot head with exposed circuitry amidst broken smartphone fragments in a dimly lit, abandoned server room.

Vercel Breach Exposes Customer Data Theft via AI Tool Compromise

A single compromised AI tool has led to a massive breach at Vercel, exposing customer data and raising serious questions about trust and security. An attacker exploited a third-party AI tool used by an employee to steal sensitive credentials and OAuth tokens, gaining access to multiple services and customer data.

Analyst 207Apr 20, 2026