<ul><li>Discord developers are being targeted by a malicious Python package called "pycord-self" on the Python Package Index (PyPI). It installs a backdoor for remote access and steals authentication tokens.</li><li>The package claims to be the authentic "discord.py-self" library and has been downloaded 885 times.</li><li>The malicious package collects authentication tokens and creates a backdoor for remote system control.</li><li>To protect against such attacks, users are advised to verify the source of packages, review and update dependencies regularly, and report suspicious packages.</li></ul>

Real Vs Fake : Python Users Beware Of pycord-self , a PyPi package stealing Discord auth tokens

Discover more