Multiple plugins for JetBrains IDEs steal API keys for OpenAI, DeepSeek & Co.

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...
The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...
latesthackingnews.com

LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...
VentureBeat

OpenAI is shutting down Sora, its powerful AI video model, app and API

OpenAI is shuttering Sora, its stand-alone AI video generation app and social network, and the availability for developers to access the Sora 2 video model family through its application programming ...
The Next Web

OpenAI now lets you lock your ChatGPT account with a hardware key. Here is why it thinks you should.

OpenAI launched Advanced Account Security for ChatGPT and Codex, an opt-in feature that replaces passwords with passkeys or hardware security keys, disables email and SMS recovery, and automatically ...