Cybercriminals hit malware authors with malicious NPM packages

Discord tokens have become the perfect medium for cybercriminals to gain unauthorized access to accounts allowing the operators to distribute malicious links through compromised Discord channels.  According to a new report from…

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository. On Friday, the US Cybersecurity and Infrastructure…