The Hacker News

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

A malicious Chrome extension posing as a trading tool steals MEXC API keys, enables withdrawals, and sends credentials to ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...