password stealer

New malicious campaign hunts for Discord tokens and credit card information via infected npm packages.

Npm package UAParser.js, installed on tens of millions of computers worldwide, has been infected with a password stealer and a miner. Here’s what to do.

A particular type of malware seeks user credentials, including accounts for gaming services such as Origin, Battle.net, and Uplay.