Malicious PyPi package steals Discord auth tokens from devs
(www.bleepingcomputer.com)
from IllNess@infosec.pub to securitynews@infosec.pub on 20 Jan 2025 02:27
https://infosec.pub/post/22631043
from IllNess@infosec.pub to securitynews@infosec.pub on 20 Jan 2025 02:27
https://infosec.pub/post/22631043
A malicious package named ‘pycord-self’ on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.
threaded - newest