The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Hack of the day: The safest way to scan QR codes without getting hacked

Fake QR code scam: Unlike regular web links, QR codes hide the destination URL until after you scan them, making it harder to ...