Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infrastructure. Socket’s Threat Research Team has documented active abuse across npm, PyPI, and RubyGems, where hard-coded Discord webhook URLs act as write-only sinks to siphon […]
The post Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to
