All newsletters
2026-06-20
2 min read
AI ToolsFrameworksLanguagesBrowserDevOpsDatabasesSecurityOpen SourceDev Tools

Android 17 Security Tightens & Cloudflare Adds Temporary Accounts & Malicious JetBrains Plugins Steal API Keys

Android 17 ships certificate transparency by default and locks down dynamic code loading, Cloudflare launches temporary accounts for AI agents, and 15 malicious coding plugins on JetBrains Marketplace have stolen OpenAI and DeepSeek API keys from 70k installs.

AI Coding Tools

  • LeakLens Android Studio plugin detects memory leaks with AI-powered fixes to prevent out-of-memory errors before users encounter them. Read more

Frameworks & Libraries

  • Android 17 enables Certificate Transparency protections by default for apps, requiring SSL certificates to appear in public append-only logs before acceptance—detecting misissued certificates faster. Read more
  • Android 17 tightens dynamic code loading rules: native libraries must now be read-only before execution, closing a common malware vector for code injection post-installation. Read more

Languages & Runtimes

  • Windows 11 26H2 confirmed as small enablement package that toggles disabled features already in the OS codebase, minimizing disruption with simpler, faster deployment than traditional feature updates. Read more

Browser & Web Platform

  • Android 17 enables Certificate Transparency by default, requiring certificates to pass auditable public logs—raising the bar for detecting suspicious or misissued certificates before widespread damage. Read more

DevOps & Cloud

  • Cloudflare Temporary Accounts now available for AI agents, solving deployment bottlenecks by letting agents create short-lived credentials instead of hitting walls built for human users. Read more

Databases & Data

  • ClickHouse Open House 2026 conferences across NYC, Amsterdam, and Munich feature hands-on training on the Agentic Data Stack (ClickHouse, MCP, LibreChat, Langfuse) and real-time database techniques for AI. Read more

Security

  • FortiBleed exposes credentials for 86,644 Fortinet FortiGate devices with leaked VPN access still active; CISA urges immediate credential rotation and device hardening across the fleet. Read more
  • 15 malicious JetBrains Marketplace plugins exfiltrate OpenAI, DeepSeek, and similar API keys in plaintext to hardcoded attacker servers; 70k installs affected with keys resold to paying users. Read more
  • usbliter8 exploit unpatchably breaks Apple A12 and A13 SecureROM boot chain via physical USB access; organizations should prioritize inventory of affected hardware and migrate to A14+ chips. Read more

Open Source

  • MemPalace open-source AI memory system benchmarked and free on GitHub—provides persistent context storage for agents and applications. Read more
  • OpenViking context database by Volcengine designed for AI agents, unifying memory, knowledge, and interaction history management. Read more

Dev Tools & IDEs

  • PyCharm 2026.2 EAP 7 improves type analysis for iterable unpacking and addresses multiple code insight bugs across inspections and refactoring. Read more

Enjoyed this issue?

Get this in your inbox

Join 1,000+ developers getting daily tech updates.

Subscribe free

More issues

TypeScript 7.0 RC & AWS Hanoi Local Zone & Chrome Third-Party DevTools & Amazon Bedrock AgentCore GA

2026-06-19

React Router v8 & GitHub Copilot Token Optimization & AWS Summit Announcements & JetBrains Junie GA

2026-06-18

Android 17 Launches & Claude Code Security Patches & Aspire 13.4 in VS Code

2026-06-17