Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Centrynex

Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.
The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still

SOURCE:

Share the Post:

Related News

[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated

What Should We Learn From How Attackers Leveraged AI in 2025?

Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

Centrynex

Related News

[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

What Should We Learn From How Attackers Leveraged AI in 2025?

Company

Services

Contact Us