Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Infosecurity-magazine.com

New PyPI Package Zlibxjson Steals Discord, Browser Data

A dangerous package has been found on the PyPI repository. Named zlibxjson version 8.2, the malicious package was flagged by Fortinet’s AI-driven OSS malware detection system on July 3 2024, shortly ...
Threat Post

Various Malware Lurks in Discord App to Target Gamers

Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token ...