Mastodawn

Malicious Plugins Exfiltrate AI API Keys

Beware of malicious AI plugins masquerading as coding assistants on the JetBrains Marketplace - they might just steal your AI API keys. These 15 sneaky plugins, active since October 2025, cleverly exfiltrate API keys to attacker-controlled servers, all while functioning as promised.

https://osintsights.com/malicious-plugins-exfiltrate-ai-api-keys?utm_source=mastodon&utm_medium=social

#MaliciousPlugins #AiApiKeys #JetbrainsMarketplace #SupplyChain #EmergingThreats

Malicious Plugins Exfiltrate AI API Keys

Discover how malicious plugins on JetBrains Marketplace steal AI API keys and learn how to protect yourself from this coordinated campaign now.

OSINTSights

Analyst207 Jun 17

Malicious Plugins Exfiltrate AI API Keys on JetBrains Marketplace

Beware of malicious AI plugins on the JetBrains Marketplace that masquerade as helpful coding assistants but secretly steal your AI API keys. Over 70,000 installations have been recorded from at least 15 compromised plugins that have surprisingly evaded the marketplace's security checks.

https://osintsights.com/malicious-plugins-exfiltrate-ai-api-keys-on-jetbrains-marketplace?utm_source=mastodon&utm_medium=social

#MaliciousPlugins #AiApiKeys #JetbrainsMarketplace #AikidoSecurity #SupplyChain

Malicious Plugins Exfiltrate AI API Keys on JetBrains Marketplace

Discover malicious JetBrains Marketplace plugins stealing AI API keys; protect your keys now and learn how to secure your development environment effectively today.

OSINTSights

The DefendOps Diaries Apr 30, 2025

Think your site's safe with that "security" plugin? Think again—malicious code is disguising itself as a legit tool to sneak into WordPress sites. Is your site at risk?

https://thedefendopsdiaries.com/protecting-wordpress-sites-from-malicious-plugin-campaigns/

#wordpresssecurity
#maliciousplugins
#cybersecurity
#wordpress
#websafety