Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...
techtimes

GitHub Copilot CLI Adds Pre-Commit Security Scanner: LLM Inference at the Detection Layer

GitHub shipped /security-review — a dedicated slash command for GitHub Copilot CLI — on Wednesday, putting AI-driven vulnerability scanning inside the terminal for the first time as an experimental ...