Skip to main content

Tag: aikido security

4 articles

Developer workstation with laptop, monitor, and coding materials, surrounded by a potted plant and papers, with a JetBrains…

Malicious Plugins Exfiltrate AI API Keys

Beware of malicious AI plugins masquerading as coding assistants on the JetBrains Marketplace - they might just steal your AI API keys. These 15 sneaky plugins, active since October 2025, cleverly exfiltrate API keys to attacker-controlled servers, all while functioning as promised.

Analyst 207
Developer workstation with laptop, monitor, and notes in a bright office setting.

Malicious Plugins Exfiltrate AI API Keys on JetBrains Marketplace

Beware of malicious AI plugins on the JetBrains Marketplace that masquerade as helpful coding assistants but secretly steal your AI API keys. Over 70,000 installations have been recorded from at least 15 compromised plugins that have surprisingly evaded the marketplace's security checks.

Analyst 207
Developer workstation with laptop, terminal, and smartphone in a brightly-lit home office setting.

OpenAI Codex Tokens Exfiltrated in Malicious npm Supply Chain Attack

For a month, a malicious npm package called codexui-android secretly stole OpenAI Codex authentication tokens from over 29,000 weekly users, sending them to an attacker-controlled server. The package, masquerading as a remote web UI for OpenAI Codex, had gained user trust through active development before being compromised.

Analyst 207
Software development workspace with laptop, tools, and notes, set against a blurred cityscape with natural light.

Malware Infects Hundreds of Open-Source Packages in Supply-Chain Attack

A massive supply-chain attack, dubbed "mini Shai-Hulud," has infected hundreds of open-source packages with credential-stealing malware, putting millions of developers and users at risk. The malicious code has been embedded in widely-used libraries and projects, including TanStack's React Router, which alone has over 12 million weekly downloads.

Analyst 207