The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
CSOonline

AI startups leak sensitive credentials on GitHub, exposing models and training data

Experts say the leaks highlight how fast-growing AI firms may be prioritizing innovation over basic DevSecOps hygiene, leaving valuable intellectual property and data at risk. Nearly two-thirds of the ...
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...
Visual Studio Magazine

VS Code Expands AI Flexibility with Bring Your Own Key

Microsoft announced expanded AI model support in Visual Studio Code through a new Bring Your Own Key (BYOK) capability that lets developers connect models from different providers by entering their ...
CoinTelegraph

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Misconfigured Clawdbot servers exposed API keys, private chats and credentials, cybersecurity researchers warn after the AI assistant surged in popularity Cybersecurity researchers have raised red ...
TechCrunch

AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys

AI evaluation startup Braintrust has urged customers to revoke and replace their API keys after an earlier breach of customer secrets. According to an email sent to customers Monday and seen by ...
Memeburn

PewDiePie's Odysseus: Everything About Free AI Workspace Prevents Big Tech From Stealing Your Data

PewDiePie just launched Odysseus, a free self-hosted AI workspace in 2026 that runs locally — no subscriptions, no data tracking, no big tech cloud required.