A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.

According to Fortinet, PyPI package Zlibxjson steals Discord tokens and browser data, including passwords and extensive user information ...

In December, JFrog uncovered 17 malicious npm packages also designed to steal Discord tokens. These packages were able to hijack account credentials, allowing attackers to take over a Discord server.

Multiple npm packages are being used in an ongoing malicious campaign to infect Discord users with malware that steals their payment card information.

Discord users, we have some not-so-great news for you. Reports have it that cybercriminals have found a new way to steal your Discord account.