Bleeping Computer

PyPI packages caught stealing credit card numbers, Discord tokens

The Python Package Index (PyPI) registry has removed several Python packages this week aimed at stealing users' credit card numbers, Discord tokens, and granting code execution capabilities to ...
Android Authority

How to get your Discord token

When you create a Discord account, you’re assigned a token. Your Discord token is separate from your username, tag, and password, and allows whoever has it to log ...
TechRadar

Discord tokens are being targeted by malicious npm packages

A large number of new malicious packages have been found in the npm repository, whose goal is to steal login credentials of Discord users (also known as Discord tokens). DevOps security firm JFRog ...
Threat Post

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. The NitroRansomware malware strain is shaking up the ransomware ...
Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...