Information security
fromThe Hacker News
18 hours agonpm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
Malicious npm, Python, and Ruby packages use Discord webhooks as free, stealthy C2 channels to exfiltrate sensitive files and secrets during install or runtime.