Bleeping Computer

Malicious PyPi packages turn Discord into password-stealing malware

A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. The ...
ZDNet

Npm package caught stealing sensitive Discord and browser files

Security researchers at Sonatype have discovered today an npm package (JavaScript library) that contains malicious code designed to steal sensitive files from a user's browsers and Discord application ...
ZDNet

Malicious npm package caught trying to steal sensitive Discord and browser files

The npm security team has removed a malicious JavaScript library from the npm portal that was designed to steal sensitive files from an infected users' browser and Discord application. The malicious ...
Bleeping Computer

Malicious npm packages steal Discord users’ payment card info

Multiple npm packages are being used in an ongoing malicious campaign to infect Discord users with malware that steals their payment card information. The malware used in these attacks is a variant of ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...