The Hacker News

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
Threat Post

Malware Builder Leverages Discord Webhooks

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a ...
Bleeping Computer

Malicious PyPi packages turn Discord into password-stealing malware

A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. The ...
Hackaday

Create A Discord Webhook With Python For Your Bot

Discord is an IRC-like chat platform that all the young cool kids are hanging out on. Originally intended as a way to communicate during online games, Discord has grown to the point that there are ...
Bleeping Computer

New TroubleGrabber Discord malware steals passwords, system info

TroubleGrabber, a new credential stealer discovered by Netskope security researchers, spreads via Discord attachments and uses Discord webhooks to deliver stolen information to its operators. Several ...
ZDNet

Npm package caught stealing sensitive Discord and browser files

Security researchers at Sonatype have discovered today an npm package (JavaScript library) that contains malicious code designed to steal sensitive files from a user's browsers and Discord application ...