Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Android Authority

How to get your Discord token

When you create a Discord account, you’re assigned a token. Your Discord token is separate from your username, tag, and password, and allows whoever has it to log ...
ZDNet

Malware authors target rivals with malicious npm packages

On February 22, JFrog cybersecurity researchers Andrey Polkovnychenko and Shachar Menashe said that 25 malicious Node Package Manager (npm) packages had recently been detected by the firm's scanners, ...
TechRadar

Discord tokens are being targeted by malicious npm packages

A large number of new malicious packages have been found in the npm repository, whose goal is to steal login credentials of Discord users (also known as Discord tokens). DevOps security firm JFRog ...