Bleeping Computer

Malicious PyPi package steals Discord auth tokens from devs

A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The ...
Tidbits

Reacting to Unsolicited Two-Factor Authentication Codes

I have long encouraged the use of two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible (for more about the difference, see “Two-Factor Authentication, ...
9to5Mac

A million SMS two-factor authentication codes were intercepted; here’s what to do

A new report found that around a million two-factor authentication codes sent by text message appear to have been intercepted. A tech industry whistleblower revealed that the 2FA security codes passed ...