Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
Threat Post

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. The NitroRansomware malware strain is shaking up the ransomware ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...
Dark Reading

Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info

Four packages containing highly obfuscated malicious Python and JavaScript code were discovered this week in the Node Package Manager (npm) repository. According to a report from Kaspersky, the ...
Businessworld

New Malicious Campaign Hunts For Discord Tokens And Credit Card Information

Researchers at Kaspersky have identified malicious campaign dubbed LofyLife, which gathers various information from victims, including Discord tokens and credit card information, and to spy on them ...
ZDNet

Malware authors target rivals with malicious npm packages

On February 22, JFrog cybersecurity researchers Andrey Polkovnychenko and Shachar Menashe said that 25 malicious Node Package Manager (npm) packages had recently been detected by the firm's scanners, ...
Bleeping Computer

Malicious PyPi packages turn Discord into password-stealing malware

A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. The ...