The Eclipse Foundation revoked some access tokens from its Open VSX project after a report revealed they were exposed in public repositories. This vulnerability could have allowed attackers to manipulate or distribute malicious extensions. New token prefixes and stricter security measures are being implemented to prevent future incidents.