Rogue AI plugins on JetBrains Marketplace steal developer keys

Security teams are warning developers to vet JetBrains plugins after researchers uncovered 15 malicious Marketplace entries built to siphon AI provider API keys and harvest chatbot sessions. The rogue plugins masquerade as AI coding assistants, advertising in-IDE chat, commit-message generation, code review, bug detection and unit-test generation, supposedly powered by models such as DeepSeek.
A clever disguise with real risks
The plugins look legitimate at first glance: they bundle plausible AI features and install through the familiar JetBrains IDE ecosystem. Once installed, they quietly send the API keys a developer configures for AI providers to attacker-controlled servers and export chat histories. Because an AI assistant plugin is expected to talk to remote APIs anyway, this exfiltration blends in with normal plugin traffic and is easy to miss. The campaign is another instance of supply-chain attacks on developer tooling, where trust in a familiar ecosystem is turned against its users.
What developers should do now
JetBrains has removed the identified plugins and urged users to audit their installations. Experts recommend listing recently added AI-themed plugins, verifying that each plugin's ID and publisher match the Marketplace listing, and checking for unusual outbound network activity from the IDE. Since the plugins exfiltrate keys, any AI provider key that was entered into an affected IDE should be treated as compromised and rotated, and the provider's usage dashboard checked for calls the developer did not make. Keeping security software current and monitoring API usage patterns further reduces exposure.
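The audit steps above can be partly scripted. The following is an added example written for this page, not code from The Hacker News, JetBrains or the researchers. It assumes the standard JetBrains plugin layout (each plugin unpacked under `<plugins_dir>/<PluginName>/lib/*.jar`, with the descriptor at `META-INF/plugin.xml` carrying `<id>`, `<name>`, `<vendor>` and `<version>`), and its AI keyword list and trusted-vendor allowlist are illustrative choices, not data from the article. It flags plugins that were installed recently, carry an unrecognised vendor, or have an AI-themed name; a flag is a prompt for manual review against the Marketplace listing, not proof of malice. Network monitoring and key rotation still have to be done separately.

```python
"""Audit locally installed JetBrains plugins for recently added, AI-themed or
unverified-vendor entries. Added example for this page; assumptions noted inline."""
import os
import re
import sys
import tempfile
import time
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Illustrative choices (assumptions, not from the article): substrings that make a
# plugin "AI-themed", plus "ai" as a whole token so "main"/"chain" do not match.
AI_SUBSTRINGS = ("gpt", "deepseek", "copilot", "assistant", "llm", "chat")
TRUSTED_VENDORS = {"JetBrains"}  # extend with vendors you have verified yourself


def read_descriptor(jar_path):
    """Return id/name/vendor/version from META-INF/plugin.xml, or None if absent."""
    with zipfile.ZipFile(jar_path) as zf:
        if "META-INF/plugin.xml" not in zf.namelist():
            return None
        root = ET.fromstring(zf.read("META-INF/plugin.xml"))

    def text(tag):
        el = root.find(tag)
        return (el.text or "").strip() if el is not None else ""

    return {"id": text("id"), "name": text("name"),
            "vendor": text("vendor"), "version": text("version")}


def is_ai_themed(*fields):
    haystack = " ".join(fields).lower()
    tokens = re.split(r"[^a-z0-9]+", haystack)
    return "ai" in tokens or any(s in haystack for s in AI_SUBSTRINGS)


def audit_plugins(plugins_dir, recent_days=30, now=None):
    """Walk a JetBrains plugins directory and return one finding dict per plugin.
    Assumes <plugins_dir>/<PluginName>/lib/*.jar layout; install recency is
    approximated by the plugin directory's mtime."""
    now = time.time() if now is None else now
    findings = []
    for plugin_dir in sorted(Path(plugins_dir).iterdir()):
        if not plugin_dir.is_dir():
            continue
        desc = None
        for jar in sorted((plugin_dir / "lib").glob("*.jar")):
            desc = read_descriptor(jar)
            if desc:
                break
        entry = {"dir": plugin_dir.name,
                 **(desc or {"id": "", "name": "", "vendor": "", "version": ""})}
        age_days = (now - plugin_dir.stat().st_mtime) / 86400
        entry["age_days"] = round(age_days, 1)
        flags = []
        if desc is None:
            flags.append("no-descriptor")
        if age_days <= recent_days:
            flags.append("recently-installed")
        if entry["vendor"] not in TRUSTED_VENDORS:
            flags.append("unverified-vendor")
        if is_ai_themed(entry["name"], entry["id"], plugin_dir.name):
            flags.append("ai-themed")
        entry["flags"] = flags
        findings.append(entry)
    return findings


def make_sample_plugins_dir(root, now):
    """Constructed sample data: one JetBrains plugin installed long ago and one
    AI-themed plugin from an unknown vendor installed yesterday. Names are made up."""
    def add(name, xml, age_days):
        lib = Path(root) / name / "lib"
        lib.mkdir(parents=True)
        with zipfile.ZipFile(lib / f"{name}.jar", "w") as zf:
            zf.writestr("META-INF/plugin.xml", xml)
        stamp = now - age_days * 86400
        os.utime(Path(root) / name, (stamp, stamp))

    add("Kotlin", "<idea-plugin><id>org.jetbrains.kotlin</id><name>Kotlin</name>"
        "<vendor>JetBrains</vendor><version>1.9.0</version></idea-plugin>", 200)
    add("SmartAICoder", "<idea-plugin><id>com.example.smartaicoder</id>"
        "<name>Smart AI Coder</name><vendor>example-dev</vendor>"
        "<version>0.1.0</version></idea-plugin>", 1)
    return root


def run_demo(now=1_700_000_000.0):
    """Audit the constructed sample and return findings keyed by plugin directory."""
    root = make_sample_plugins_dir(tempfile.mkdtemp(), now)
    return {e["dir"]: e for e in audit_plugins(root, recent_days=30, now=now)}


if __name__ == "__main__":
    # Pass your IDE's plugins directory to audit it; with no argument, run the demo.
    results = audit_plugins(sys.argv[1]) if len(sys.argv) > 1 else run_demo().values()
    for e in results:
        print(f"{e['dir']:<24} {e['vendor'] or '?':<16} {e['age_days']:>7}d  {', '.join(e['flags']) or 'ok'}")
```

Run it against the product's plugins directory (the path is shown under the IDE's "directories used by the IDE" help entry); anything flagged should be compared with its Marketplace page and, if in doubt, removed before the keys it had access to are rotated.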
Source: The Hacker News. AI-assisted editorial synthesis — TechnoExpress.

