Dossier
JetBrains Marketplace
Coverage of JetBrains Marketplace in the Nexus archive.
- Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Cybersecurity researchers identified a coordinated malware campaign on the JetBrains Marketplace involving 15 malicious plugins that steal AI provider API keys. These plugins masquerade as AI coding assistants using models like DeepSeek, offering features such as code reviews and chat while exfiltrating sensitive data.