Developer Tech

JetBrains marketplace malware exposes developer API keys

Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
TMCnet

42Crunch and GitHub Copilot Bring Deterministic API Security Guardrails to Agentic DevSecOps

Crunch, the leading API security platform for the agentic era, today announced the availability of the 42Crunch API Security Testing Plugin for GitHub Copilot. This latest advance enables developers ...

Multiple plugins for JetBrains IDEs steal API keys for OpenAI, DeepSeek & Co.

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
CSOonline

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...
VentureBeat

Why enterprises can’t afford to overlook API security in 2023

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Application and API security is vital for protecting modern enterprise ...
techtimes

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

Enterprise security teams are auditing logs and rotating credentials this week after ServiceNow confirmed that attackers successfully queried sensitive customer instance data through an ...