Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
CNET

Discord Security Breach Exposed Government ID Photos of 70,000 Users

A third-party service provider was compromised, and information from people who had communicated with Discord's customer support and trust and safety teams was exposed. CNET editor Gael Fashingbauer ...