Latest news

1-Click GitHub Token Theft: VSCode Webview Flaw Exposes OAuth Tokens for All Private Repositories
Vulnerability

1-Click GitHub Token Theft: VSCode Webview Flaw Exposes OAuth Tokens for All Private Repositories

3 June 2026 dark6

A critical VSCode webview vulnerability lets attackers steal GitHub OAuth tokens with a single click, granting full access to all...
Read more 0
Vercel Data Breach: ShinyHunters Exploit OAuth Supply Chain Attack to Steal Customer Credentials for $2M Sale
Databreach

Vercel Data Breach: ShinyHunters Exploit OAuth Supply Chain Attack to Steal Customer Credentials for $2M Sale

7 May 2026 dark6

Vercel has confirmed a security breach originating through a compromised third-party AI tool (Context.ai), where attackers used stolen OAuth tokens...
Read more 0
Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility
Databreach

Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility

23 April 2026 dark6

Vercel has disclosed an internal breach caused by a compromised Context.ai OAuth token harvested via Lumma Stealer. A limited set...
Read more 0