The Hacker News

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Microsoft’s powerful RTX Spark mini PC will be sold to consumers

A top Microsoft Surface exec confirmed this week that the Surface RTX Spark Dev Box will be available to whoever wants to buy ...

Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures

Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...
InfoWorld

Pyrefly 1.0: A fast, forward-looking Python linter

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.

Microsoft Build 2026: Company launches 7 new MAI models, expands push into reasoning, coding and healthcare AI

Microsoft has unveiled seven new in-house MAI models covering reasoning, coding, image generation, voice and transcription, ...

And Now I’ve Vibe-Coded a Native Windows 11 App ⭐

The Build 2026 keynote was overly-long, in keeping with tradition. But there was some good news for Windows developers too.
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.