CVE-2026-15923

Hi guys! Recently I got this email from notifications@github.com.

I read through the email and spotted a few grammatical errors, as well as a share.google link, which I thought was unusual for Microsoft to do.

Even though it was fully delivered and signed by GitHub.com, I realised that what the attackers did was creating an issue on GitHub, then they tagged all the users they wanted to phish in a comment (which shows as the affected users section).

Additionally, pressing the View it on GitHub link at the bottom of the email and trying to manually search the repository didn’t work. The attacker likely deleted the repo or made it private. Same case for the GitHub Account mentioned.

I would like some guidance on how to report a non-existent repository.

Key Information

A major security weakness has been found in Visual Studio Code.

Threat Level: CVE-2026-15923-48571

At-Risk Releases: [1.0-1.112.4]

OS: Windows OS particularly

Priority step recommended for Windows OS machines:

Update to the [1.112.5] right away: https://share(.)google/HocZGBHkUdPidBROY

Impact

Cybercriminals have the ability to execute and launch malicious plugins no user approval on Windows OS systems. This issue permits unauthorized program deployment that might trigger to:

Unapproved entry to customer networks

Deployment of compromised payloads

Information theft

Machine takeover

Windows-based users are urgently instructed to patch promptly.

Identified by: Theodore Caldwell, Nova Science Ventures

⚠️ At-Risk accounts:

@Mistveil-Z @sadjdbqihdiqwd @fenglan111 @aadishsamir123 @qureshiahmedraza04-del @linnene @UrbanEcho2220 @newwlfz @Privitorta @AHMEDxHAGAG @mahayash315 @MadDog-Kk-499 @sgbilod @aitoriasdev @tylerseymour @DEADORE4410 @davidgtorner @Render78 @DevCheckOG @Pyshkin1978 @BrysonHJudacullaRock @erezak @Shen-18 @86salo @Bolajiomo99 @gito-UK @Muir1111 @adem-ocel @GuqiaoLiang @sbaig2020 @MichealgodJordan @0936243502pae-netizen @poyrazavsever @rakeshkarmakar7602-hub @khiemntpoly9 @NEO0085-lullu @MengchaoPang @lin0703 @tohid4n @nexonix290

—

Reply to this email directly, view it on GitHub, or unsubscribe.

You are receiving this because you were mentioned.