Malicious packages on popular registries are abusing Discord webhooks to exfiltrate sensitive files and host telemetry, bypassing traditional C2 infrastructure and blending into legitimate HTTPS traffic. Discord webhooks are simple HTTPS URLs that accept POST requests; they require no credentials beyond possession of the URL, and traffic appears as innocent JSON over port 443. Socket’s […] The post Discord Weaponized as C2 Server Across Popular Open-Source Package Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/open-source-package/
