Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.

“Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,”

Source: The Hacker News

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 15.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 153 requests (recent log) 213.209.159.175 — 59 requests (recent log) 192.253.248.169 — 59 requests (recent

Read More

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a

Read More

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes A single click on a trusted Microsoft link could have let an attacker pull emails,

Read More