Infosecurity-magazine.com

New PyPI Package Zlibxjson Steals Discord, Browser Data

A dangerous package has been found on the PyPI repository. Named zlibxjson version 8.2, the malicious package was flagged by Fortinet’s AI-driven OSS malware detection system on July 3 2024, shortly ...
Threat Post

Discord-Stealing Malware Invades npm Packages

The CursedGrabber malware has infiltrated the open-source software code repository. Three malicious software packages have been published to npm, a code repository for JavaScript developers to share ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...
Bleeping Computer

Malicious NPM project steals Discord accounts, browser info

A heavily obfuscated and malicious NPM project is used to steal Discord user tokens and browser information from unsuspecting users. NPM is a JavaScript package manager that allows developers to ...
Bleeping Computer

Discord Abused to Spread Malware and Harvest Stolen Data

Malware developers and attackers are abusing the Discord chat service by using it to host their malware, act as command and control servers, or by modifying the chat client to perform malicious ...