> TritonInfoSec News
Home / Jun 18, 2026 / Story
0
#10 The Hacker News general June 17, 2026 at 09:38 UTC

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

By [email protected] (The Hacker News)

AI Summary

15 malicious plugins on the JetBrains Marketplace, posing as DeepSeek-based AI coding assistants, were found exfiltrating AI provider API keys from developers' machines in what researchers describe as a coordinated campaign. Separately, malicious Chrome extensions were observed capturing chatbot conversation data, representing a targeted supply-chain threat against developer toolchains handling sensitive AI credentials.

Read full article → https://thehackernews.com/2026/06/malicious-jetbra…

Relevance score: 76.0/100

# More from June 18

  1. 1
    Massive breach spills credentials for thousands of sensitive networks Ars Technica Security
  2. 2
    FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices. BleepingComputer
  3. 3
    Critical Fortinet FortiSandbox flaws now exploited in attacks BleepingComputer
  4. 4
    Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development The Hacker News
  5. 5
    144 Mastra npm Packages Compromised via Hijacked Contributor Account The Hacker News
  6. 6
    CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution The Hacker News
  7. 7
    Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack SecurityWeek
  8. 8
    GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say The Record
  9. 9
    Critical Copilot vulnerability allowed hackers to seal 2FA code from users Ars Technica Security