Google eliminates the security risk of unrestricted API keys in Gemini through a phased migration to authentication keys with granular access control by September 2026.
15 compromised JetBrains plugins masquerade as AI assistants and steal plaintext API keys over unencrypted HTTP connections to IP address 39.107.60.51.
At least 15 malicious plugins in the JetBrains Marketplace were designed to steal AI API keys from developers and gain access to internal corporate services.