Magecart web skimming campaign active since 2022 stealing credit card and personal data from compromised e-commerce checkout pages.
Get the latest international news and world events from around the world.
Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.
The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still available on the Chrome Web Store as of writing. It was first published on September 1, 2025, by a developer named “jorjortan142.”
“The extension programmatically creates new MEXC API keys, enables withdrawal permissions, hides that permission in the user interface (UI), and exfiltrates the resulting API key and secret to a hardcoded Telegram bot controlled by the threat actor,” Socket security researcher Kirill Boychenko said in an analysis.
Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5074109 & KB5073455 cumulative updates and Windows 10 KB5073724 extended security update.
This month’s Patch Tuesday fixes one actively exploited and two publicly disclosed zero-day vulnerabilities.
New VoidLink malware framework targets Linux cloud servers
A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for modern infrastructures.
VoidLink is written in Zig, Go, and C, and its code shows signs of a project under active development, with extensive documentation, and likely intended for commercial purposes.
Malware analysts at cybersecurity company Check Point say that VoidLink can determine if it runs inside Kubernetes or Docker environments and adjust its behavior accordingly.
Texas takes charge of world’s most powerful telescope
AUSTIN (KXAN) — The group building what could become the world’s most powerful optical telescope, the Giant Magellan, has a new leader. The GMTO Corporation announced Tuesday that The University of Texas at Austin’s Daniel T. Jaffe will serve as its new president.
Jaffe joins fellow UT professor Taft Armandroff, who was elected in November to chair the GMTO board of directors.
“I’m very excited about the chance to lead this project. I’m very enthusiastic about its prospects. I think it’s going to be a major breakthrough for astronomical science in the coming decades,” Jaffe said.
Surprise Hair Loss Breakthrough: A DNA Sugar Gel Sparks Robust Regrowth
In 2024, scientists stumbled upon a potential new treatment for hereditary-patterned baldness, the most common cause of hair loss in both men and women worldwide.
It began with research on a naturally occurring sugar that helps form DNA: the ‘deoxyribose’ part of deoxyribonucleic acid.
While studying how these sugars aid wound healing in mice when applied topically, scientists at the University of Sheffield and COMSATS University in Pakistan noticed that the fur around treated lesions grew back faster than in untreated mice.