Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks.
Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for attackers toRead More
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels [email protected] (The Hacker News)
by
Tags: