Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
omelas_tech
23 days ago
|
parent
|
context
|
favorite
| on:
1-Click GitHub Token Stealing via a VSCode Bug
tl;dr: never press github.dev or open vscode.dev on a repo you don't trust
simonw
23 days ago
|
next
[–]
That's a hard rule to follow when any website on the internet might redirect a browser tab to a URL on one of those domains.
minitech
23 days ago
|
prev
[–]
and don’t open links like
https://tinyurl.com/2s3twstw
either, or any other page on the internet that’s able to redirect you to github.dev
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
