As I'm sure you've all seen by now, nerds have been exploiting Meta's AI agent goop to steal Instagram accounts.
The Instagram AI agent for support could be convinced to reset the credentials to other users' accounts by asking nicely and doing a super gnarly kickflip on a skateboard, or something, I don't know.
Everyone on social media was freaking out. The trending posts on Xitter were people being all like ERRMERGERD ME INSTAGRAM ACCNT WAS STOLEN. It also resulted in some celebrities having their accounts stolen. One stolen account showed some rapper named Lil Tracy (?) messaging 14-year-olds, or something, despite being 18 at the time.
All the big cybersecurity nerds were discussing it, yelling about AI, taking the opportunity to meme Zuckerberg (as is tradition).
The AI exploit thingy has apparently existed for a while, a few months apparently, but that is kind of just gossip. I haven't seen any solid proof of that. Meta supposedly fixed the issue, but some people are saying you can still ask nicely and do a super gnarly heelflip and Instagram goop gives you account resets.
Cool stuff bro, it's AI, it's lit
pic unrelated
‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs."
The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can.
Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept.
He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."
Instagram still hasn't (correctly) patched their AI goop account reset thingy. Accounts are still being stolen and Instagram hasn't said anything about it. Nerds continue to find ways to convince AI to reset accounts for them.
People on social media are freaking out because some of these profiles apparently are big sources of revenue for them.
Meanwhile, rumors are floating around that a few weeks ago Instagram laid off a large percentage of their Trust & Safety department and had it replaced with AI.
Very cool
@hyperconectado Very little. It is an algorithm that is considered obsolete nowadays. Collisions have been found, and it can be brute-forced at extremely high hash rates per second on modern hardware.
"We ran out of tokens and the latency is 15 seconds". Spoiler: you didn't need a 5-step autonomous agent, you needed a 20-line script and a cron job. We are living through the "Agentic AI" fever, but we are forgetting the fundamentals of engineering
‼️ After the MSRC blog post about Nightmare-Eclipse, researchers are coming forward with their own MSRC horror stories.
The response from the security community isn't going Microsoft's way, as they're not backing Microsoft.
Gabriel Landau, a well-known Windows security researcher, says he reported a Device Guard bypass with a 90-day window. MSRC told him it met their bar and they'd fix it, then asked him to hold disclosure for extra months. He agreed on the condition they issue a CVE. They patched it silently, decided after the fact it "didn't meet the bar," and never issued the CVE. In his words: "MSRC strung me along for a few extra months to keep me quiet, then broke their word."
Another researcher, rootsecdev, says he responsibly disclosed a legacy-auth flaw that allowed password spraying while avoiding smart lockout. Five months later, MSRC replied that it "doesn't meet the bar for servicing," silently fixed it, and closed the case.
Microsoft's post was meant to defend their coordinated disclosure policy. Instead it became a thread of researchers explaining why they've stopped trusting their process.
Yeah, nah. Big L for Microslop. Nobody has a moral obligation to hand over their hard-earned discoveries for free. Pay up or shut up. You are owed nothing, and you will get nothing by stomping your feet like a petulant child because “[this is] an “unnecessary risk” that forced its security teams to work around the clock, to understand, protect customers and develop patches.”
God forbid your people do their jobs and it cost you more money than paying the researcher. Good.
I suggest anyone either disclose them publicly to light a fire under Microsoft’s ass or keep them to yourself. Make them feel the pain of not paying out appropriately to save them time. They have pulled the “doesn’t meet servicing criteria” then patch it next update one too many times for valid bugs.
RE:
https://t.co/prMIqJAkes
On Microsoft's statement today.
They are not wrong that the disclosures are potentially harmful, they are also not (completely) wrong that all avenues for disclosure were not followed....
Where Microsoft IS wrong, they have focused too much on shoveling Copilot into every nook and cranny of Windows, screwed up Windows Pro (it is more like Home now) and have ignored the security and functionality of the OS for too long.
You don't get to ignore researchers who are finding holes in your OS and tools that should not be there while pushing the slopification of your OS, Tools, and other products.
Anyway, just my 57 cents
all I'm saying is that you can call it whatever you like, but at its core a frontend is still a frontend, a backend is still a backend, a sysadmin is still a sysadmin, etc…
with AI, magical profiles that know how to do everything are not starting to exist.
full stop.
what is starting to exist are profiles who believe they know how to do everything because they type it to claudio and it builds them something that can be deployed to production and that can be seen at lamierdaquehemontado(.)com.
you can call yourself a product builder, you can call yourself a token maxxer, you can call yourself whatever you like. If you don't have solid knowledge and fundamentals in software architecture, I am going to call you a “botcher”. Because that is what you are. And like the good botcher you are, you are going to build botch jobs. And botch jobs fall apart. And when a botch job falls apart, the need opens up to hire someone who knows what they are doing; not a prompt flipper.
Don't fall for the hype of companies and the hiring of the moment. Put the buzzword on your CV to get the job, but be clear that “product builder” is not a role, it is a vague wish defined by C-level. “A person with magical superpowers who does everything for me” is virtually incompatible with “a person who knows what they are doing in their own field”.