Bleeping Computer

Malicious NPM project steals Discord accounts, browser info

A heavily obfuscated and malicious NPM project is used to steal Discord user tokens and browser information from unsuspecting users. NPM is a JavaScript package manager that allows developers to ...
Infosecurity-magazine.com

New PyPI Package Zlibxjson Steals Discord, Browser Data

A dangerous package has been found on the PyPI repository. Named zlibxjson version 8.2, the malicious package was flagged by Fortinet’s AI-driven OSS malware detection system on July 3 2024, shortly ...
Threat Post

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. The NitroRansomware malware strain is shaking up the ransomware ...
Threat Post

Discord-Stealing Malware Invades npm Packages

The CursedGrabber malware has infiltrated the open-source software code repository. Three malicious software packages have been published to npm, a code repository for JavaScript developers to share ...