Developer Tech

JetBrains marketplace malware exposes developer API keys

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Aikido Security found at least 15 integrated development environment (IDE) plugins on the JetBrains Marketplace which had ...
SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...
Tech Times

WordPress Email Plugin Flaw Triggers 17 Million Attacks: Gravity SMTP Leaks Live API Keys

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
CSO Online

Security considerations for adopting Claude Code and Cowork for SMBs

If your SMB is adopting Claude, roll out features gradually and protect your API keys, because you cannot outsource your ...
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
Bleeping Computer

Malicious JetBrains Marketplace plugins steal AI API keys from developers

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding ...