Security
JetBrains Marketplace plugins steal AI API keys
Security researchers identified 15 malicious plugins on JetBrains Marketplace designed to steal AI API keys from developers, affecting tools like OpenAI and DeepSeek. The plugins, installed nearly 70,000 times, transmit credentials to a hardcoded server and may redistribute stolen keys to paid users.