Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
TechRadar

Discord tokens are being targeted by malicious npm packages

A large number of new malicious packages have been found in the npm repository, whose goal is to steal login credentials of Discord users (also known as Discord tokens). DevOps security firm JFRog ...
Business Today

Discord users alert! There’s a new way hackers can get to you

Discord users, we have some not-so-great news for you. Reports have it that cybercriminals have found a new way to steal your Discord account. And they are doing this by using npm (node package ...
ZDNet

Malicious npm packages are stealing Discord tokens

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level. Read now DevOps security firm JFrog discovered 17 ...
Threat Post

Malware Builder Leverages Discord Webhooks

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a ...
Bleeping Computer

New ransomware encrypts files, then steals your Discord account

The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with ...