Discord is an IRC-like chat platform that all the young cool kids are hanging out on. Originally intended as a way to communicate during online games, Discord has grown to the point that there are … ...

A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox.

Aside from hosting their malware in Discord and Slack links, cybercriminals are also using Discord as the command-and-control and data-stealing element in their malware.

Most of the packages steal Discord tokens, credit card numbers, and web-browser files, although some provide attackers with code execution abilities. All of the packages in the list use simple ...

Named discord.dll, the malicious JavaScript library is still available via npm, a web portal, command-line utility, and package manager for JavaScript programmers.

Threat actors are leveraging some incredibly useful features of Discord for malicious things, such as malware staging and data exfiltration.

Creator Rob Laughter shared on Reddit that if you install and use ComfyUI_LLMVISION, your browser passwords, credit card information, and browsing history will be sent to a Discord server via webhook.

The npm security team has removed a malicious JavaScript library from the npm portal that was designed to steal sensitive files from an infected users' browser and Discord application.