Malicious Plugins on JetBrains Marketplace Target AI API Keys

Security researchers uncovered at least 15 malicious plugins on the JetBrains Marketplace that were designed to steal AI API keys from developers. These findings highlight ongoing risks in software supply chain security within integrated development environments.
What happened
Researchers discovered multiple malicious plugins distributed through the JetBrains Marketplace that specifically targeted AI API keys belonging to developers. These plugins were crafted to exfiltrate sensitive credentials, potentially enabling unauthorized access to AI services. The number of identified plugins reached at least 15, indicating a coordinated effort to exploit developers using popular JetBrains tools.
Why it matters
The theft of AI API keys can lead to significant security and financial consequences, such as unauthorized usage of AI platforms, data leakage, or inflated service charges. As developers increasingly integrate AI services into their workflows, securing these credentials becomes critical. Malicious plugins in trusted marketplaces undermine developer trust and expose software development ecosystems to supply chain threats.
What security teams should do
Development teams should audit their installed JetBrains plugins and verify the legitimacy of each component, especially those recently added. Reviewing API key usage logs for anomalies and rotating any exposed keys is advisable. Developers should follow JetBrains’ guidance on plugin security and monitor for updates or removals of identified malicious plugins on the marketplace.
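As a starting point for the plugin audit described above, the following added example (not code from JetBrains or from the researchers) inventories the plugins in one IDE plugins directory and flags blocklisted IDs and recently written plugin files. It assumes the standard plugin layout, either a folder with `lib/*.jar` or a single jar, with the descriptor at `META-INF/plugin.xml`. The blocklist entry and the sample plugin are constructed placeholders, since this page names no plugin IDs.

```python
import sys, tempfile, time, zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Placeholder ID: replace with plugin IDs from the advisory (this page lists none).
BLOCKLIST = {"com.example.placeholder-blocked-plugin"}

def read_descriptor(jar):
    """Return id/version/vendor from META-INF/plugin.xml in a jar, else None."""
    try:
        with zipfile.ZipFile(jar) as z:
            if z.getinfo("META-INF/plugin.xml").file_size > 1 << 20:
                return None  # oversized descriptor: do not parse untrusted XML blindly
            root = ET.fromstring(z.read("META-INF/plugin.xml"))
    except (KeyError, zipfile.BadZipFile, ET.ParseError, OSError):
        return None
    get = lambda tag: (root.findtext(tag) or "").strip()
    return {"id": get("id") or get("name"), "version": get("version"), "vendor": get("vendor")}

def inventory(plugins_dir, blocklist=BLOCKLIST, recent_days=30, now=None):
    """One row per installed plugin, flagging blocklisted IDs and recent installs."""
    now = time.time() if now is None else now
    rows = []
    for entry in sorted(Path(plugins_dir).iterdir()):
        jars = sorted(entry.glob("lib/*.jar")) if entry.is_dir() else [entry]
        for jar in jars:
            meta = read_descriptor(jar)
            if meta is None:
                continue  # plain library jar, no plugin descriptor
            # File mtime is only a heuristic for "recently added".
            meta.update(path=str(jar), blocklisted=meta["id"] in blocklist,
                        recent=(now - jar.stat().st_mtime) / 86400 <= recent_days)
            rows.append(meta)
            break  # the first descriptor found identifies the plugin
    return rows

def make_sample(root):
    """Constructed sample: one plugin folder whose jar carries a made-up descriptor."""
    lib = Path(root, "sample-plugin", "lib")
    lib.mkdir(parents=True)
    xml = ("<idea-plugin><id>com.example.placeholder-blocked-plugin</id>"
           "<name>Sample</name><version>1.0</version><vendor>Nobody</vendor></idea-plugin>")
    with zipfile.ZipFile(lib / "sample.jar", "w") as z:
        z.writestr("META-INF/plugin.xml", xml)
    return root

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else make_sample(tempfile.mkdtemp())
    for r in inventory(target):
        print(r["id"], r["version"], r["vendor"], r["blocklisted"], r["recent"], sep="\t")
```

Run it once per IDE installation and per user profile, and compare the vendor and version columns against the Marketplace listing for anything unfamiliar.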
Key technical details
The malicious plugins employed techniques to intercept and steal AI API keys from the developer’s environment. Although specific exploit methods were not detailed, the plugins’ primary goal was credential exfiltration. The distribution through the official JetBrains Marketplace highlights the challenge of detecting sophisticated threats embedded in legitimate software extensions.
Affected organizations/products
The malicious plugins impacted developers using JetBrains integrated development environments who installed these compromised plugins from the JetBrains Marketplace. The precise developer base affected has not been disclosed.