A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox.

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...

Python developers are under attack once again, with attackers looking to steal Discord account details along with data stored in various browsers. Cybersecurity researchers from Snyk have recently ...