Infosecurity-magazine.com

New PyPI Package Zlibxjson Steals Discord, Browser Data

A dangerous package has been found on the PyPI repository. Named zlibxjson version 8.2, the malicious package was flagged by Fortinet’s AI-driven OSS malware detection system on July 3 2024, shortly ...
Bleeping Computer

PyPI packages caught stealing credit card numbers, Discord tokens

The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users' credit card numbers, Discord tokens, and granting code execution capabilities to ...
Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Infosecurity-magazine.com

Malicious Npm Packages Designed to Steal Discord Tokens

Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord users. Kaspersky said it identified four suspicious packages in ...