Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate developer API keys.

global

Who

Security researchers, Aikido Security, Sophos

What

When

Wed, 17 Jun 2026 14:59:57 GMT · 2h 23m ago

Where

global ·

Why

The malware masquerades as standard coding assistants powered by language models and exploits high-trust developer environments to steal credentials by transmitting them to an external server.

The Frontline Impact

How this affects you

This malware campaign leverages stolen API keys for commercial gain and highlights a broad vulnerability in non-human identity management, with identity-related breaches affecting 71% of organizations globally and costing an average of $1.78M to rectify. Stolen API keys also serve as an entry point for broader infrastructure attacks, with 66.5% of ransomware victims identifying identity breaches as the mechanism for ransomware execution.

Story chain

1 event in this thread

No related history yet - this is the origin event.

Verified Sources & Citations

Developer Tech News
https://www.developer-tech.com/news/jetbrains-marketplace-malware-exposes-developer-api-keys/
HIGH

Credibility ratings reflect the AI ingestion pipeline's assessment of source provenance.