Tag: aikido security
4 articles

Malicious Plugins Exfiltrate AI API Keys
Beware of malicious AI plugins masquerading as coding assistants on the JetBrains Marketplace - they might just steal your AI API keys. These 15 sneaky plugins, active since October 2025, cleverly exfiltrate API keys to attacker-controlled servers, all while functioning as promised.

Malicious Plugins Exfiltrate AI API Keys on JetBrains Marketplace
Beware of malicious AI plugins on the JetBrains Marketplace that masquerade as helpful coding assistants but secretly steal your AI API keys. Over 70,000 installations have been recorded from at least 15 compromised plugins that have surprisingly evaded the marketplace's security checks.

OpenAI Codex Tokens Exfiltrated in Malicious npm Supply Chain Attack
For a month, a malicious npm package called codexui-android secretly stole OpenAI Codex authentication tokens from over 29,000 weekly users, sending them to an attacker-controlled server. The package, masquerading as a remote web UI for OpenAI Codex, had gained user trust through active development before being compromised.

Malware Infects Hundreds of Open-Source Packages in Supply-Chain Attack
A massive supply-chain attack, dubbed "mini Shai-Hulud," has infected hundreds of open-source packages with credential-stealing malware, putting millions of developers and users at risk. The malicious code has been embedded in widely-used libraries and projects, including TanStack's React Router, which alone has over 12 million weekly downloads.