If you use AI coding assistants or open-source dev tools, this is critical

If you use AI coding assistants or open-source dev tools, this is critical. A popular OpenAI Codex package (29k weekly downloads) silently stole developer tokens.

This highlights escalating software supply chain risks. Even trusted, popular tools are vulnerable.

For Indian tech firms: enforce stringent API key management and vet dependencies. Developer security is a key attack surface.

https://thenextweb.com/news/a-popular-openai-codex-tool-with-29000-weekly-downloads-has-been-quietly-stealing-developer-tokens-for-a-month