← Back to Model Beat
4Products·Jun 17

15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys

Security researchers discovered several malicious plugins for JetBrains development environments designed to exfiltrate proprietary AI API keys from user systems. These extensions targeted developers by harvesting credentials, potentially allowing attackers to access private codebases or incur unauthorized usage costs on cloud-based AI services. Users are advised to audit their installed plugins and revoke any compromised keys.

Covered by 3 sources

Related stories

ProductsNew usage analytics and updated spend controls for enterprisesJun 18 · 2 sourcesProductsAdobe adds AI agents to Photoshop, Premiere, and more Creative Cloud appsJun 18ProductsMeta’s new ‘AI Mode’ on Facebook pulls from public info across its platformsJun 15 · 3 sourcesProductsFirst, do NOHARM: towards clinically safe large language modelsJun 16 · 2 sources