"Researcher Ammar Askar publicly disclosed a VS Code vulnerability after a negative experience with MSRC. The flaw allows attackers to steal OAuth tokens via malicious extensions in browser-based VS Code. This follows a trend of researchers bypassing standard disclosure processes due to perceived disrespect from Microsoft."