The Hacker News

Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

January 14, 2026 add comment
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170... Read more »

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

January 12, 2026 add comment
Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google... Read more »

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

January 12, 2026 add comment
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed... Read more »

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

January 10, 2026 add comment
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code... Read more »

The Future of Cybersecurity Includes Non-Human Employees

January 9, 2026 add comment
Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential growth in Non-Human... Read more »

The ROI Problem in Attack Surface Management

January 8, 2026 add comment
Attack Surface Management (ASM) tools promise reduced risk. What they usually deliver is more information.  Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill up.... Read more »

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

January 8, 2026 add comment
The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT)... Read more »

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

January 7, 2026 add comment
Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent... Read more »

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

January 7, 2026 add comment
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. “This organization... Read more »

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

January 7, 2026 add comment
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked... Read more »
Subscribe to our Newsletter