The Hacker News

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Researchers found 15 malicious JetBrains plugins posing as AI coding tools that exfiltrate OpenAI, DeepSeek, and SiliconFlow ...

Frontier Airlines is leaking your passport and credit card details from a boarding pass

If you've ever flown Frontier Airlines and your boarding pass ended up in a photo, a trash can, or a social media post, your ...
Infosecurity Magazine

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Security researchers have uncovered a coordinated campaign designed to steal developers’ AI-related API keys via malicious ...
CIO

Architecture-as-code is the next frontier for enterprise governance

Say goodbye to boring architecture review meetings; architecture-as-code turns tedious compliance checks into automated tests ...

S.F. public data was a niche interest. That was before ‘vibe-coding'

Requests to datasets from San Francisco Open Data have skyrocketed since the introduction of AI coding assistants.

Xiaomi's new open source, agentic AI coding harness MiMo Code beats Claude Code at ultra-long, 200+ step tasks

The persistent memory system addresses a real and widely felt pain point in agentic development workflows — one that ...

The AI Spending Reckoning: What Your Board Is About To Ask

AI was new, pilots were experimental and adoption itself was the goal. That window is closing fast. Every AI line item now ...
InfoWorld

10 tips for getting better R code from your AI coding agent

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...
TMCnet

42Crunch and GitHub Copilot Bring Deterministic API Security Guardrails to Agentic DevSecOps

Crunch, the leading API security platform for the agentic era, today announced the availability of the 42Crunch API Security Testing Plugin for GitHub Copilot. This latest advance enables developers ...

Multiple plugins for JetBrains IDEs steal API keys for OpenAI, DeepSeek & Co.

At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server, while otherwise offering their promised ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...