Описание
discordi.js is malware
The discordi.js package is malware that attempts to discover and exfiltrate a user's Discord credentials, sending them to pastebin.
All versions have been unpublished from the npm registry.
Recommendation
Do not install / use this module. It has been unpublished from the npm registry but may exist in some caches. Any users that logged into Discord using this library will need to change their credentials.
Пакеты
Наименование
discordi.js
npm
Затронутые версииВерсия исправления
<= 14.0.3
Отсутствует
Связанные уязвимости
CVSS3: 7.3
nvd
больше 7 лет назад
discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.