Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

D Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Travel + Leisure

The 50 Best Places to Travel in 2025

Since 1971, Travel + Leisure editors have followed one mission: to inform, inspire, and guide travelers to have deeper, more meaningful experiences. T+L's editors have traveled to countries all over ...
Bleeping Computer

GitHub confirms breach of 3,800 repos via malicious VSCode extension

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...
NPR

Outside/In

Outside/In: Where curiosity and the natural world collide. Look around, and you’ll find everything is connected to the natural world. At Outside/In, we explore that idea with boundless curiosity. We ...
GitHub

macOS tool to easily identify and get rid of big, unused files and folders in seconds.

Automatic cleaners only know about a fixed set of cache folders, and the decisions they make are limited to what they were preprogrammed for. ApexDisk finds and surfaces everything else they skip: ...