AICRIER_2
OPEN FEED
YOU ARE VIEWING ONE ITEM FROM THE AICRIER FEED

Fake JetBrains Marketplace plugins steal API keys

AICrier tracks AI developer news across Product Hunt, GitHub, Hacker News, YouTube, X, arXiv, and more. This page keeps the article you opened front and center while giving you a path into the live feed.

EXPLORE LATEST FEEDSEE FEATURED PICKS

// WHAT AICRIER DOES

7+

TRACKED FEEDS

24/7

SCRAPED FEED

Short summaries, external links, screenshots, relevance scoring, tags, and featured picks for AI builders.

Fake JetBrains Marketplace plugins steal API keys
OPEN LINK ↗
// 3d agoSECURITY INCIDENT

Fake JetBrains Marketplace plugins steal API keys

ANNOUNCEMENTPRODUCTX

Security researchers have discovered a campaign on the JetBrains Marketplace where at least 15 malicious AI coding assistant plugins steal developer API keys. These fully functional extensions lure users with names like DeepSeek and OpenAI, silently exfiltrating credentials to attacker-controlled servers when configured.

// ANALYSIS

This campaign highlights the vulnerability of developer tooling marketplaces to functional-malware attacks targeting high-value API keys.

  • The malware relies on fully functional plugins to avoid detection and accumulate positive reviews.
  • Credential theft happens silently over unencrypted HTTP requests targeting user-inputted API keys.
  • Developers are urged to audit installed extensions and rotate OpenAI, DeepSeek, and SiliconFlow API keys.
// TAGS
securityjetbrainsextensionsmalwareapi-keysdeepseekopenai

DISCOVERED

3d ago

2026-06-17

PUBLISHED

3d ago

2026-06-17

RELEVANCE

8/ 10

AUTHOR

AikidoSecurity