Bleeping Computer

LofyGang hackers built a credential-stealing enterprise on Discord, NPM

The 'LofyGang' threat actors have created a credential-stealing enterprise by distributing 200 malicious packages and fake hacking tools on code hosting platforms, such as NPM and GitHub. Researchers ...
TechRadar

Discord tokens are being targeted by malicious npm packages

A large number of new malicious packages have been found in the npm repository, whose goal is to steal login credentials of Discord users (also known as Discord tokens). DevOps security firm JFRog ...