Advertisement
VU
HIGH
Vulnerabilities
VS Code Zero-Day Exploit: Stealing GitHub Tokens via URI Handlers
Security researcher mthcht reveals a VS Code zero-day vulnerability allowing GitHub token theft via URI handlers. Learn how to defend against this exploit.
Runtime Rebel Intel
4 min read·Jun 3, 2026
TH
HIGH
Threat Intel
GitHub Malware Campaign: Fake VS Code Alerts Target Developers
Attackers exploit GitHub Discussions to push malware via fake VS Code security alerts. Learn the TTPs used to target developers and how to mitigate risk.
Runtime Rebel Intel
3 min read·Mar 27, 2026
HIGH
Threat Intel
WaterPlum Abuses VS Code Tasks to Deploy StoatWaffle Malware
North Korean threat actor WaterPlum leverages VS Code tasks.json to automate StoatWaffle malware deployment during fraudulent developer recruitment campaigns.
Runtime Rebel Intel
4 min read·Mar 23, 2026