Malicious npm packages are stealing Discord tokens JFrog researchers found 17 malicious packages that intentionally seek to attack and steal a user's site credentials.

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.

Social media profile pics are one of the most popular ways to display NFT ownership. But PFP NFTs can be much more than a Twitter picture.

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser ...

According to Fortinet, PyPI package Zlibxjson steals Discord tokens and browser data, including passwords and extensive user information ...

Most of the packages steal Discord tokens, credit card numbers, and web-browser files, although some provide attackers with code execution abilities. All of the packages in the list use simple ...

Discord and Slack are both chat apps, Discord is easy to use for voice calls, Slack has a lot of tools to work with the outside world, and it has similar usage, although it has its own fields of ...

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.

Blockchain project Gnus.AI lost $1.27 million through a token-mint exploit after an attacker viewed team members’ private messages through a Discord hack.