Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

thehackernews.com | 2026-06-17 | AI supply chain | High

What Happened

Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no fewer than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,"

Why It Matters

According to Aikido Security and multiple security outlets, at least 15 malicious plugins on the official JetBrains Marketplace posed as AI coding assistants (e.g., DeepSeek/CodeGPT tools) while exfiltrating users’ AI provider API keys (OpenAI, DeepSeek, SiliconFlow) to an attacker-controlled server; these plugins were fully functional, had nearly 70,000 installs, and were updated over months, indicating a coordinated malware campaign embedded in the IDE plugin ecosystem.[1][2][4][5] The Hacker News report also notes related activity with Chrome extensions capturing chatbot conversations, further broadening the attack surface across developer and browser-based AI integrations.

From a CyberSE.AI perspective, this is a clear AI supply chain compromise: attackers weaponized trusted marketplaces and common AI integrations to steal high-value bearer tokens that can be used for unauthorized compute, cost fraud, and potential access to sensitive prompts/outputs.

Organizations should treat IDE and browser AI extensions as third-party code dependencies, enforce plugin allow-lists, maintain an AI-focused SBOM for developer tools, and regularly rotate/limit AI API keys while monitoring for an

Healthcare, Fintech, SaaS, SMB, AI startups

CyberSE Analysis

This signal maps to AI supply chain. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.
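
An added example, not from the source report: one way to enforce the plugin allow-list recommended under Why It Matters is to read each installed plugin's META-INF/plugin.xml descriptor and flag IDs that are not approved. The plugin IDs, the allow-list, and the sample directory are constructed; the real plugins directory varies by IDE, version, and OS and is passed in as a parameter.

```python
import tempfile
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Assumption: the organization maintains a set of approved plugin IDs (constructed value).
ALLOWED_PLUGIN_IDS = {"org.example.approved-linter"}

def read_plugin_descriptor(jar_path):
    """Return (plugin_id, version) from META-INF/plugin.xml inside a jar, or None."""
    try:
        with zipfile.ZipFile(jar_path) as jar, jar.open("META-INF/plugin.xml") as fh:
            root = ET.parse(fh).getroot()
    except (KeyError, zipfile.BadZipFile, ET.ParseError):
        return None  # no descriptor, not a zip, or malformed XML
    name = (root.findtext("name") or "").strip()
    plugin_id = (root.findtext("id") or name).strip()  # <id> defaults to <name> when absent
    return plugin_id, (root.findtext("version") or "").strip()

def audit_plugins(plugins_dir, allowed_ids):
    """Return (plugin_id, version, location) for every plugin not on the allow-list."""
    findings = []
    for entry in sorted(Path(plugins_dir).iterdir()):
        if entry.suffix == ".jar":
            jars = [entry]  # plugin shipped as a single jar
        elif entry.is_dir():
            jars = sorted(entry.glob("lib/*.jar"))  # plugin shipped as a folder
        else:
            continue  # stray non-plugin file
        # A plugin whose descriptor cannot be read is reported, never silently trusted.
        desc = next((d for d in map(read_plugin_descriptor, jars) if d), ("<unreadable>", ""))
        if desc[0] not in allowed_ids:
            findings.append(desc + (entry.name,))
    return findings

def build_sample_plugins_dir(root):
    """Constructed sample: one approved and one unapproved plugin."""
    for folder, pid, ver in [("approved-linter", "org.example.approved-linter", "1.2.0"),
                             ("ai-helper", "com.example.unreviewed-ai-helper", "0.9.1")]:
        lib = Path(root) / folder / "lib"
        lib.mkdir(parents=True)
        xml = f"<idea-plugin><id>{pid}</id><name>{folder}</name><version>{ver}</version></idea-plugin>"
        with zipfile.ZipFile(lib / f"{folder}.jar", "w") as jar:
            jar.writestr("META-INF/plugin.xml", xml)
    return Path(root)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_plugins(build_sample_plugins_dir(tmp), ALLOWED_PLUGIN_IDS):
            print("NOT ON ALLOW-LIST:", *finding)
```

Matching on the declared plugin ID only shows that a plugin was reviewed, not that its code is benign, so the allow-list should be paired with key rotation and egress monitoring.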

Source

https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html