Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Summary
Cybersecurity researchers discovered 15 malicious plugins on the JetBrains Marketplace (a platform where developers download tools for their coding environment) that pretend to be AI coding assistants but secretly steal API keys (authentication credentials that allow access to paid AI services like OpenAI and DeepSeek). The stolen keys are sent to an attacker's server, and some keys are resold to other criminals in what appears to be an illegal monetization scheme. Additionally, two malicious Chrome extensions disguised as ad blockers are capturing users' conversations with various AI chatbots.
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html
First tracked: June 17, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 95%