The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...
CoinTelegraph

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Misconfigured Clawdbot servers exposed API keys, private chats and credentials, cybersecurity researchers warn after the AI assistant surged in popularity Cybersecurity researchers have raised red ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...