Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Android Authority

How to get your Discord token

When you create a Discord account, you’re assigned a token. Your Discord token is separate from your username, tag, and password, and allows whoever has it to log ...
Threat Post

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. The NitroRansomware malware strain is shaking up the ransomware ...
TechRadar

Discord tokens are being targeted by malicious npm packages

A large number of new malicious packages have been found in the npm repository, whose goal is to steal login credentials of Discord users (also known as Discord tokens). DevOps security firm JFRog ...