![IntCyberDigest's tweet photo. ‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs."
The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can.
Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept.
He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."](https://pbs.twimg.com/media/HJ1p_C8WwAAXovc.png)
Olivia
Online
Kyle 'esSOBi' Stone
@essobi
Hyperlexic Polymath Savant
GenTech / AI Consultant
CTO @ T&S
Language Model Expert.
#TrillionaireTokenClub
#RunLocal
Louisville, Kentucky
Joined March 2008
3K Following
6.1K Followers
91.6K Posts
Pinned Tweet
Autonomous Agentic Offensive Agent in Kali.
#buildinpubic
Microsoft introduces Microsoft Scout, also known as Autopilot.
Scout is always on and has file system and application access "based on your corporate policy".
Best news for Threat Actors in a long time
https://t.co/M3pyfcbTBm
Every company’s AI workflow rn be like 😭💀
The incessant drive by Microsoft--with schemes like default Opt-In Microsoft Recall--to achieve ubiquitous observability of knowledge workers doing their work becomes clearer when the leaks from another company are observed.
When they tell you what they want to achieve, LISTEN.
Who to follow
Chris Nickerson 
@indi303
I build global cybersecurity companies, Red Teamer, CxO, Investor, Speaker, Mentor, Student, & Sprirt Animal . I'm also a liability #Damovo #Lares #BSides
Magen Wu
@magen_wu
Her/She | Master’s degree in Org Psych | Sr Associate at @UrbaneSec |
hard mode
@TheDevilsVoice
"The easy way's no fun!"
‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs."
The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can.
Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept.
He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."
![IntCyberDigest's tweet photo. ‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs."
The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can.
Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept.
He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."](https://pbs.twimg.com/media/HJ1qOHoXEAAa6yQ.jpg)
we still have no satisfying theory for why AI works
Oh shit they’re playing my jammmmmmmm
Structured Prompt Optimization Meets Reinforcement Learning for Global and Local Interpretability over Complex Text
Tianyang Zhou, Wenbo Chen, Pierre Jinghong Liang, Leman Akoglu
https://t.co/oMCrmxeHa0 [𝚌𝚜.𝙲𝙻 𝚌𝚜.𝙰𝙸 𝚌𝚜.𝙻𝙶]
POV: you're still using GitHub Copilot after June 1st, 2026
someone made a fork of opencode that routes through the unsecured ai endpoints from chipotle
@loftwah I have a pretty good idea. I started blackboxing LLM interfaces on DaVinci….. was a big OpenAI function caller beta developer, the one they didn’t release. Jumped off when the first wave of cease and desists came out.
WALL OF TOKENS GOES BRRRRRRRRRRR.
The state of Florida filed a lawsuit against OpenAI and CEO Sam Altman on Monday, claiming the company knowingly released and aggressively marketed ChatGPT to the public while concealing serious risks. https://t.co/bAhcHJLM1L
Perfect for Instagram influencers
They’re bootlegging everything…
the frontier labs don’t have “comms problems”. reality right now has a comms problem. what is happening is a little scary and there’s no nice words anyone could say, especially not those profiting from it, that’ll make it feel that much better
mythos find all the laws that google, meta and openai break so we can fine them, make no mistakes
@loftwah Model vs System? Gpt-4 was a system.
Dream so big you make yourself uncomfortable.
you are a product of your actions, not your aspirations
When people see Microsoft spending billions on AI while researchers keep sharing stories about rejected reports, bounty disputes and bugs that somehow don’t qualify, this is the kind of meme you get
Single card output. Shoving at home.
Last Seen Users on Sotwe
AMATÖR SEVERLER🔞
Seen from Turkey
Sofia
Seen from Turkey
Chinese BDSM
Seen from Indonesia
Hijab NSFW 700
Seen from Indonesia
الغرفة السرية
Seen from Netherlands
دينا الشربيني
Seen from Turkey
Youssef Gehad 7
Seen from United States
Erdal Danışman
Seen from Turkey
𝙔𝙄𝘾𝘾𝙃𝙄
Seen from Argentina
Soner gürkan
Seen from Germany
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers