The Hacker News

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
ZDNet

Discord desktop app vulnerability chain triggered remote code execution attacks

Discord has patched a critical issue in the desktop version of the messaging app which left users vulnerable to remote code execution (RCE) attacks. Bug bounty hunter Masato Kinugawa developed an ...