Bleeping Computer

Malicious npm packages steal Discord users’ payment card info

Multiple npm packages are being used in an ongoing malicious campaign to infect Discord users with malware that steals their payment card information. The malware used in these attacks is a variant of ...
Ars Technica

Malicious NPM packages are part of a malware “barrage” hitting repositories

Researchers have found another 17 malicious packages in an open source repository, as the use of such repositories to spread malware continues to flourish. This time, the malicious code was found in ...
Threat Post

Malicious Npm Packages Tapped Again to Target Discord Users

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods. Threat actors once again are using the node ...
Businessworld

New Malicious Campaign Hunts For Discord Tokens And Credit Card Information

Researchers at Kaspersky have identified malicious campaign dubbed LofyLife, which gathers various information from victims, including Discord tokens and credit card information, and to spy on them ...