The New Theft Target Isn't Your Password—It's the Keys That Run Your Whole Company's AI
If your job involves cloud tools or AI assistants—and increasingly that's most desk jobs—attackers have stopped chasing individual logins and started stealing the master keys that connect your developers' tools to everything else. A new infostealer called 'Djinn' and a separate flaw in Amazon's AI coding assistant both target the same prize: the machine-to-machine credentials that quietly hold modern companies together.
Bottom Line
The frontier of credential theft has moved from individual humans to the automated plumbing connecting developer tools, AI agents, and enterprise systems. Two separate flaws this week—Djinn via a SimpleHelp bug, and an Amazon Q extension weakness—exploit the same blind spot, and the wider rush to deploy autonomous AI agents is widening it faster than security can keep pace.