Malicious JetBrains Plugins Steal AI API Keys. How to Protect Yourself?

MarGib July 06, 2026
🌐 🇵🇱 Polski · 🇬🇧 EN

In June 2026, an attack on JetBrains IDE plugins was detected, targeting the theft of artificial intelligence API keys. How did the breach occur, and what steps can you take to prevent losses?

Ilustracja przedstawiająca zagrożenia w środowisku programistycznym – złośliwe wtyczki kradną klucze API AI.
Cyber threat in the IDE world: malicious plugins lurk for AI API keys.

Over the past few weeks, the tech industry has been abuzz with news of a large-scale attack on JetBrains plugins, designed to steal artificial intelligence API keys. According to reports published by The Hacker News and BleepingComputer, malicious plugins distributed through JetBrains’ official Marketplace were surreptitiously harvesting sensitive data, exposing thousands of developers and companies to serious financial and reputational losses.

This incident is not isolated—history has seen attacks on plugins in other development environments, such as VS Code and Eclipse. However, the scale and direct threat to AI tools make it particularly dangerous. In this article, we explain how the attack unfolded, which plugins were involved, and—most importantly—what steps you should take to secure your development environment.

How did the attack happen? Breach mechanism

The attack on JetBrains plugins was no accident—it employed a multi-layered infection method designed to maximize the theft of API keys. According to security analyses, malicious plugins were distributed as tools for AI model integration or IDE productivity enhancements. In reality, they contained hidden code that:

  • Scanned JetBrains configuration files for stored API keys (e.g., in ~/.config/JetBrains/ directories or environment variables),
  • Exploited vulnerabilities in plugin execution mechanisms to evade detection by standard security tools,
  • Transmitted stolen data to remote servers controlled by attackers, often via encrypted channels (e.g., DNS-over-HTTPS),
  • In some cases, enabled takeover of active AI chat sessions by manipulating IDE process memory.

To date, no official list of malicious plugins has been published by JetBrains or any other source. Media reports, however, suggest the attack was large-scale—hundreds, if not thousands, of users may have fallen victim. According to The Register, some plugins had been distributed for over a year, indicating the attack was purposeful and long-term.

Who fell victim to the attack? Threat scale

While JetBrains has not disclosed the number of affected users, media reports suggest the attack was global and large-scale. The most vulnerable were individuals and organizations using:

  • AI models from OpenAI, Hugging Face, Anthropic, and other providers,
  • IDE plugins offering AI integration (e.g., code autocompletion, documentation generation),
  • Development environments used in startups, corporations, and open-source projects.

It remains unclear whether the attack targeted specific sectors, but experts warn that API key theft can lead to severe consequences:

  • Use of stolen keys for costly computational attacks (e.g., training AI models at someone else’s expense),
  • Theft of sensitive business data transmitted via AI chat sessions,
  • Distribution of malware on behalf of the victim (e.g., through automatically generated code containing backdoors).

As Dark Reading points out, this attack is further evidence that threats to AI tools extend beyond the network—they increasingly target local development environments.

JetBrains' response: What did the vendor do? What do they recommend to users?

JetBrains confirmed the incident on June 10, 2026, via its official security blog. The company took the following actions:

  • Blocked suspicious plugins in the JetBrains Marketplace,
  • Launched an investigation to identify the attack’s source and scope,
  • Recommended that users immediately update their IDEs to the latest versions (e.g., IntelliJ IDEA 2026.2, PyCharm 2026.2),
  • Warned against installing suspicious plugins and advised reviewing existing ones,
  • Encouraged users to rotate all AI API keys used in their tools.

JetBrains has not released a specific list of malicious plugins. According to experts, this may stem from concerns about spreading panic or due to the ongoing investigation. The company has also not confirmed whether the attack was linked to a specific hacking group.

It’s worth noting that JetBrains is not alone in facing such threats. Earlier, in 2023 and 2024, malicious plugins were detected in the VS Code Marketplace and Eclipse Marketplace, containing cryptocurrency miners or backdoors. In 2025, GitHub also introduced mandatory scanning of plugins for malware—another sign that this is an industry-wide issue.

Which AI models and tools are at risk?

The JetBrains plugin attack targeted all AI API keys stored locally in the IDE environment. According to available information, the following were at risk:

  • API keys for OpenAI (ChatGPT, Codex, DALL·E),
  • Keys for Hugging Face models (e.g., Stable Diffusion, BLOOM),
  • Keys for Anthropic models (Claude),
  • Keys for other providers, such as Mistral AI, Cohere, or local model instances (e.g., Llama).

In some cases, attackers were able to intercept active AI chat sessions. This means hackers could not only steal API keys but also export conversations, manipulate model responses, or inject malicious code into answers.

Experts emphasize that the threat affects not only individual developers but also companies using AI in their business processes. API key theft can lead to leakage of sensitive business data, costly computational attacks, or even extortion.

Previous cases of attacks on AI tools and IDEs

To better understand the threat landscape, let’s look at earlier attacks on development tools and AI:

  • 2023 – VS Code Marketplace: The "Dracula Theme" plugin contained a cryptocurrency miner, infecting thousands of users.
  • 2024 – Eclipse Marketplace: The "JDT Language Server" plugin included a backdoor enabling remote code execution.
  • 2025 – Phishing for OpenAI keys: Attackers impersonated official OpenAI pages to trick developers into revealing API keys.
  • 2025 – GitHub: Mandatory plugin malware scanning was introduced after several infection cases were detected.

These incidents show that threats to AI tools and IDEs are not new, but the June 2026 attack stands out due to its scale and direct goal: API key theft.

How to protect yourself? Practical security guide

If you use JetBrains IDEs (e.g., IntelliJ IDEA, PyCharm, WebStorm) and rely on AI tools, take the following steps to minimize risk:

1. Update your environment

The first and most critical step is to update your IDE to the latest version. JetBrains regularly releases security patches that may protect against known attacks. Ensure that:

  • You have the latest IDE version installed (e.g., IntelliJ IDEA 2026.2+),
  • Your operating system and antivirus software are up to date,
  • You use official distribution channels (e.g., JetBrains website).

2. Review and disable suspicious plugins

Even without an official list of malicious plugins from JetBrains, you should review your installed plugins and remove any that:

  • Are no longer actively maintained (last update over a year ago),
  • Come from unknown authors or suspicious sources,
  • Claim to integrate with AI (e.g., "AI Assistant," "Code Genius") but aren’t developed by JetBrains or trusted communities,
  • Trigger suspicious network activity (check IDE logs or use tools like Wireshark).

To do this:

  1. Open your IDE and go to Settings → Plugins.
  2. Review the list of installed plugins and remove any that raise concerns.
  3. Use the JetBrains Marketplace search to check ratings and reviews (e.g., https://plugins.jetbrains.com/).

3. Change API keys

If you suspect your API keys may have been compromised, invalidate them immediately and generate new ones. Follow your provider’s instructions:

If you use keys in environment variables, update them in your operating system as well. Remember to:

  • Never store keys in plaintext files or unencrypted locations,
  • Use password managers (e.g., KeePassXC) to store keys,
  • Limit key permissions (e.g., use keys with daily spending limits).

4. Monitor activity

To detect potential breaches, monitor your IDE environment’s activity. Check:

  • IDE logs: Review log files (e.g., ~/.config/JetBrains//log/) for suspicious network connections.
  • Network traffic: Use tools like Wireshark or tcpdump to identify unknown connections.
  • File changes: Verify if any suspicious files or code changes appear in your projects.

If you suspect a breach, report the incident to the appropriate authorities or your API provider.

5. Use external scanning tools

To enhance security, consider using external tools to detect malware. Here are some options:

Was the attack mass-scale or targeted?

Currently, there is no definitive information on whether the attack was targeted or mass-scale. Media reports suggest hundreds, if not thousands, of users may have been affected. However, due to the lack of official statistics from JetBrains or law enforcement, it’s unclear whether the attack was:

  • Widespread (e.g., automatic infection of all users of a specific plugin),
  • Targeted (e.g., aimed at specific companies or industries).

Experts suggest that given the distribution method of malicious plugins (via the official JetBrains Marketplace), the attack was likely large-scale. However, it cannot be ruled out that some plugins were intentionally distributed among specific user groups.

Additionally, there is no information on whether attackers were able to exploit the stolen API keys for specific attacks. According to Dark Reading, possible scenarios include:

  • Using keys for costly computational attacks (e.g., training AI models at someone else’s expense),
  • Theft of sensitive business data transmitted via AI chat sessions,
  • Spreading malware on behalf of the victim.

Summary: What steps should you take today?

The JetBrains plugin attack is yet another reminder that threats to AI tools and IDEs extend beyond the network. Increasingly, they target local development environments, posing serious risks to developers, companies, and the entire tech industry.

To protect yourself from losses, you should:

  1. Update your environment – install the latest JetBrains IDE and OS updates.
  2. Review installed plugins – remove suspicious ones and rely only on trusted sources.
  3. Change API keys – invalidate old keys and generate new ones, storing them securely.
  4. Monitor activity – check IDE logs and network traffic for suspicious activity.
  5. Use external tools – employ antivirus software, scanners, and password managers to enhance security.

Remember, the security of your development environment is critical—not just for you, but also for your clients and collaborators. Don’t underestimate this threat—take action today to avoid financial and reputational losses.

Sources

Facebook X E-mail

Comments

Dodaj komentarz

Explore

Labels

news 11 Windows 10 browsers 10 Automation 9 Opera 9 Security 9 Technology 8 automation 8 facebook 8 web applications 8 Software 7 chrome 7 coaching 7 curiosities 7 technology 7 www 7 Docker 6 LLM 6 Microsoft 6 Mind 6 Programming 6 Web browser 6 entertainment 6 new technologies 6 Anthropic 5 Cybersecurity 5 God 5 OpenAI 5 Productivity 5 Red Hat 5 books 5 education 5 CentOS 4 ChatGPT 4 Claude 4 Claude AI 4 Open Source 4 RedHat 4 Ubuntu 4 Vivaldi 4 Windows 10 4 Windows system administration 4 algorithms 4 applications 4 containers 4 health 4 machine learning 4 people 4 photography 4 programming 4 trivia 4 Administration 3 Android 3 BIG DATA 3 Business 3 FAQ 3 FIFA 3 Firefox 3 Google projects 3 Homelab 3 Local AI 3 Personal Development 3 Personal Finance 3 Privacy 3 Programs 3 Python 3 bash 3 communication 3 computer science 3 cybersecurity 3 extensions 3 faith 3 future of work 3 games 3 good movie 3 help 3 human 3 interesting websites 3 interface 3 media 3 mindfulness 3 money 3 n8n 3 network 3 opensource 3 personal competencies 3 personal development 3 psychology 3 reading 3 religion 3 security 3 system administration 3 tools 3 virtualization 3 web browser 3 websites 3 AI agents 2 AI assistant 2 AI ethics 2 Asus 2 Career 2 Centos 2 Cloud 2 Codex 2 Configuration 2 Debian 2 Debugging 2 DevOps 2 Docker Machine 2 Drones 2 Education 2 Free Red Hat 2 Guide 2 Hardware 2 Intel 2 Intelligence 2 Japan 2 JavaScript 2 Job Market 2 Kernel 2 Machine Learning 2 Medicine 2 Mythos 2 Netflix 2 Performance 2 Poland 2 Psychology 2 Puppeteer 2 RHEL7 2 RSS 2 Rocky Linux 2 Rust 2 Sakana AI 2 Self-hosting 2 Servers 2 Software Engineering 2 Windows administration 2 Windows errors 2 ansible 2 better life 2 brain 2 chat 2 children 2 cloud storage 2 communicator 2 communities 2 computer intelligence 2 computers 2 conferences 2 creativity 2 curl 2 cyberattacks 2 data 2 death 2 developer tools 2 documentary 2 earning 2 emotions 2 file storage 2 fix 2 free application 2 free courses 2 free knowledge from the internet 2 free training 2 genius 2 hacker 2 investments 2 knowledge 2 language models 2 learning 2 local AI 2 mind manipulation 2 mind programming 2 mobile 2 mobile apps 2 mobile phones 2 motivation 2 movie 2 multimedia 2 open source 2 open-source 2 performance 2 personal thoughts 2 photos 2 plugin 2 podcast 2 privacy 2 prompt 2 shell 2 software 2 technological innovations 2 terminal 2 torrent 2 trick 2 wealth 2 weather 2 web 2 wisdom 2 youtube 2 (Treści etykiet nie zostały podane w treści wejściowej) 1 120B models 1 21st Century Skills 1 2FA 1 2nm processors 1 64 bit 1 7 1 ACT therapy 1 AGI 1 AI API key theft 1 AI Agents 1 AI Frameworks 1 AI History 1 AI Safety 1 AI benchmarks 1 AI censorship 1 AI cyber threats 1 AI future 1 AI governance 1 AI in healthcare 1 AI in school 1 AI in sports 1 AI on mobile devices 1 AI optimization 1 AI safety 1 AI superchips 1 AI tool attacks 1 AI tools 1 AIMP 1 AMD ROCm 1 API 1 API key protection 1 Acquisition 1 Alan Watts 1 Alexander Gerst 1 AlmaLinux 1 Alpine Linux 1 Amazon Kuiper 1 Andrej Karpathy 1 Anonymous 1 Apache 1 Apple 1 Apple 2025 1 Apple Silicon 1 Aria AI 1 Audacity 4 1 AutoGen 1 Banking 1 Bash 1 Big Data 1 Bill Warner 1 Biotechnology 1 Black Mirror 1 Blackwell B100 1 Blockchain 1 Bonding 1 Bono 1 Business and Finance 1 C++ 1 CPU 1 CUA 1 CUDA 1 Career Development 1 Chat GPT 1 Chemtrails 1 ChildOnlineSafety 1 Claude Fable 1 Coaching 1 Computer-Using Agent 1 Constitutional AI 1 Copilot 1 Copilot for Finance 1 Couching 1 CrewAI 1 Cryptocurrencies 1 Cyberbullying 1 Dario Amodei 1 Darwin 1 Data Science 1 Deep Learning 1 DeepSeek 1 Deepseek 1 Deluge 1 Devin AI 1 Diagnostics 1 Digitalization 1 Docker containers 1 Drivers 1 Dystrybucje 1 E2EE 1 E2EE vulnerabilities 1 EA GAMES 1 EA SPORTS 1 Earth AI 1 Economics 1 Email 1 Emigration 1 Enterprise Linux 1 Entrepreneurship 1 Error 1 European Funds 1 Excel 1 FIFA 16 1 Fable 1 Facebook 1 Fact-checking 1 Fake News 1 Flannel 1 Flynn Effect 1 Football 1 Foundation 1 Free 1 Free Software 1 Free software 1 Fugu Ultra 1 Future 1 Future of Finance 1 Future of Work 1 GDPR 1 GLM-5.2 1 GPT 1 GPT-4 1 GPT-4.5 1 GPU Cloud 1 GUI 1 Gemini 1 Gemma 4 1 Generation Z 1 GitHub 1 Golden Gate 1 Google Assistant 1 Google DeepMind 1 Google Gemma 4 12B 1 Google Research 1 Google activity 1 GoogleFamilyLink 1 Got Talent 1 Gregory Kurtzer 1 Guides 1 HTML 1 Hardware Requirements 1 Health Intelligence 1 Hygge 1 IAM 1 IBM 1 IDE 1 IDE security 1 IQ 1 ISIS 1 ISS 1 IT 1 IT history 1 Intelligent email 1 Internet Browser 1 Internet browser 1 InternetEducation 1 Interview 1 Islam 1 Islamic State 1 Jacquard 1 Jboss 1 JetBrains Marketplace 1 Jetson Thor price 1 Joel Pearson 1 Kali Linux 1 Karen Hao 1 Khan Academy 1 Kylian Mbappé 1 LLM Deployment 1 Labor Market 1 Legal regulations 1 LibreOffice 1 Linux automation 1 Linux diagnostics 1 Linux system tools 1 Linux task management 1 Linux task scheduling 1 Logs 1 Londoners 1 MFA 1 MLX 1 Maps 1 MarGib_Film 1 Marek Jankowski 1 Mars helicopter 1 Material Design 1 Matt Pocock 1 Microsoft 365 1 Military 1 Mindfulness 1 Miłosz Brzeziński 1 Monitoring 1 MrBallen 1 My take 1 NATO 1 NTFS 1 NVIDIA 1 NVIDIA Blackwell 1 NVIDIA Jetson Thor 1 National security 1 Navy SEALs 1 Neural Networks 1 New 1 Nginx 1 No comment 1 Node.js 1 Non-profit 1 Notion 1 Nvidia 1 Odysseus 1 Opera Air 1 Opera Neon 1 Opera Touch 1 Operating Systems 1 P2P 1 PARP 1 Pac-Man 1 Pekao S.A 1 Peperclips 1 Perceptron 1 Personal development 1 Philosophy 1 Photoshop 1 Playwright 1 Poland 2026 1 Poles 1 PostgreSQL 1 PowerShell 1 Project Maven 1 Project TANGO 1 Proton Drive 1 PyTorch 1 Qt Creator 1 Quotes 1 RHEL8 1 Raspberry PI 1 Raspberry Pi 1 Raspbian 1 Red Hat 8 1 Red Hat Enterprise Linux Developer Suite 1 RedHat 8 1 Regex 1 Robo-advisors 1 SMEs 1 SUSE 1 SafeInternet 1 SaferInternetDay 1 Safety 1 Sakana Fugu 1 Search 1 Sector 3.0 Festival 1 Security Auditing 1 September 23 2017 1 Server Administration 1 Signal 1 Smart City 1 Snip. 1 Social Media 1 Soli 1 Solo Projects 1 Solopreneurship 1 Something from myself 1 Sound 1 Sovereign AI 1 Sport 1 Starlink 1 Steam Deck 1 SysAdmin 1 System Administration 1 Tech 1 Tech Weekly 1 Telegram 1 TensorFlow 1 The Shack 1 Time Management 1 Tips 1 Tokenomics 1 Tools 1 Tribler 1 Tutorial 1 U.S. 1 U.S. government 1 U2 1 UI testing 1 USB 1 UV 1 Ubuntu 26.04 1 Ubuntu Server 1 VentuSky 1 VirtualBox 1 Virtualization 1 WBC 1 WSL 3 1 WWDC 2026 1 WWDC26 1 Warsaw 1 Weave 1 Web Scraping 1 Websites 1 WhatsApp 1 Windows update 1 Work 1 Workflow 1 World Cup 1 World Cup 2026 1 World Wide Web 1 X-Files 1 X-files 1 YouTube 1 ZUS 1 ZenFone 1 a drop of motivation 1 about this blog 1 account security 1 achieving goals 1 ad blocking 1 addiction 1 administrator 1 aids 1 animations 1 application prototyping 1 assertiveness 1 at one-time tasks 1 at vs cron 1 atd daemon 1 audio 1 audio editing 1 automateit 1 autonomous cars 1 awareness 1 bank 1 bash on windows 1 bat files 1 batch 1 battery 1 beliefs 1 beta 1 better living 1 better quality 1 big data 1 bin/bash 1 biodiversity 1 blocking 1 blogger 1 body language 1 bookmarks 1 boot 1 bootable usb 1 boxing 1 brain-computer interfaces 1 browser automation 1 business intelligence 1 c# 1 calc 1 campaign 1 cards 1 centralized platforms 1 chemistry 1 clearance 1 cli tools 1 climate change 1 clothing industry 1 cmd 1 code editor 1 cognitive psychology 1 coldplay 1 command history 1 command line 1 command prompt 1 comments 1 computer interaction 1 concentration 1 configuration management 1 conntrack 1 console 1 conspiracy 1 conspiracy theories 1 controversial 1 converter 1 corporate world 1 cost optimization 1 courage 1 courses 1 courses for free 1 critical thinking 1 dark mode 1 data security 1 database 1 datasette 1 date and time 1 deep learning 1 democracy 1 desertification 1 design systems 1 digital clothing 1 digital detox 1 digital hygiene 1 digitalization 1 disqus 1 document 1 document conversion 1 dreams 1 drop of motivation 1 drought 1 dubai 1 dying 1 e-book 1 eBPF 1 ecology 1 economy 1 ecosystem restoration 1 edge computing 1 elections 1 end of the world 1 end of world 1 end-to-end encryption 1 energy 1 energy efficiency 1 environment and health 1 ethical AI 1 evolution 1 excel 1 exploitation 1 extreme 1 file sharing 1 file size 1 film zone 1 flash drive 1 flat earth 1 flying 1 food 1 football 1 for sale 1 format change 1 free 1 free software 1 friend location 1 future of education 1 future of humanity 1 future of the internet 1 future of transport 1 future skills 1 game 1 geoengineering 1 global connectivity 1 google chat 1 graphics 1 graphics editors 1 growing up 1 hacking 1 happiness 1 hard-link 1 hashing 1 hedonic adaptation 1 helion 1 history 1 hobby 1 home hosting 1 hostname 1 hostnamectl 1 how many people live on earth 1 humanity 1 humor 1 iOS 1 iPhone 18 Pro 1 iPhone launch 1 iftop 1 immortality 1 influencer criticism 1 infrastructure 1 innovation 1 installation 1 integrations 1 intelligence 1 internet applications 1 investigative journalism 1 investing 1 javascript 1 job market 1 kuba wojewódzki 1 labor market 1 light 1 login 1 loop-audit 1 loop-cost 1 loop-init 1 macOS 1 magic 1 make life harder 1 making money 1 malicious JetBrains plugins 1 malware in IDE 1 markdown 1 markitdown 1 material design 1 meditation 1 memory 1 mental health 1 message security 1 messenger 1 meteorology 1 microsoft 1 microtargeting 1 mobile applications 1 mobile photography 1 mounting 1 mp3 player 1 music 1 music player 1 mysteries 1 national defense 1 nature conservation 1 net use 1 nethogs 1 network monitoring 1 network resources 1 network security 1 networking 1 neurobiology 1 neuropsychology 1 neurotechnology 1 new life 1 new player 1 new things 1 nftables 1 office 1 onboarding 1 one-time cron 1 onestep4red 1 online 1 online courses 1 online privacy 1 operating systems 1 outage 1 overstimulation 1 package manager 1 paper clips 1 paradox of the fulfilled dream 1 parenting 1 parents 1 password 1 password change 1 password policy 1 password recovery 1 password security 1 pdf 1 penetration testing 1 perseverance 1 personal data 1 philosophy 1 phishing 1 php 1 plague 1 player 1 poison 1 police 1 predictions 1 promissory notes 1 protection 1 python 1 questions 1 radar 1 red 1 regulations 1 relax 1 relaxation 1 remote work 1 reportage 1 rest 1 risk 1 robotaxi 1 root 1 routing 1 satellite data 1 satellite internet 1 science 1 scientific facts 1 scraping 1 screen 1 screenshot 1 self-development 1 series 1 show 1 skills 1 skydive 1 sleep 1 small big company 1 smart clothing 1 smartphone 1 smartphones 1 social engineering 1 social media 1 society 1 space 1 space technology 1 sport 1 sports 1 spreadsheet 1 sqlite 1 stalking 1 statistics 1 streaming 1 sub-millimeter sensor 1 success 1 symbolic link 1 syngrapha 1 system acceleration 1 tablet 1 talk show 1 technical documentation 1 technology addiction 1 technology regulations 1 television 1 terrorism 1 testing 1 the world in numbers 1 threats 1 time management 1 time travel 1 timelapse 1 tips 1 two-factor authentication 1 ubuntu 1 upbringing 1 user interface 1 users 1 viral 1 virtualbox 1 walking 1 walking meetings 1 water retention 1 weather forecasting 1 webmaster 1 windows automation 1 word processing 1 work 1 work automation 1 world 1 world cup 2026 1 world wide web 1 you are a miracle 1 zeitgeist 1

Blog archive

Table of contents