Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Updated on January 13, 2026

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.
The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still…

Read the rest of the story at Read More

Source: The Hacker News

December 3, 2025 Uncategorized

Malicious Rust Crate Delivers OS-Specifi...

July 31, 2024 Uncategorized

Chinese Hackers Target Japanese Firms wi...

May 27, 2025 Uncategorized

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Related posts

Malicious Rust Crate Delivers OS-Specifi...

Chinese Hackers Target Japanese Firms wi...

AI Agents and the Non‑Human Identity C...

Leave a Comment Cancel reply

Recent News

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

When Cloud Outages Ripple Across the Internet

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks