Bleeping Computer

PyPI packages caught stealing credit card numbers, Discord tokens

The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users' credit card numbers, Discord tokens, and granting code execution capabilities to ...
Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
ZDNet

Malicious npm packages are stealing Discord tokens

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level. Read now DevOps security firm JFrog discovered 17 ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...
ZDNet

Malware authors target rivals with malicious npm packages

On February 22, JFrog cybersecurity researchers Andrey Polkovnychenko and Shachar Menashe said that 25 malicious Node Package Manager (npm) packages had recently been detected by the firm's scanners, ...
Dark Reading

Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info

Four packages containing highly obfuscated malicious Python and JavaScript code were discovered this week in the Node Package Manager (npm) repository. According to a report from Kaspersky, the ...
Threat Post

Attackers Blowing Up Discord, Slack with Malware

One Discord network search turned up 20,000 virus results, researchers found. Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their ...