A new strain of Rust-based malware, dubbed ChaosBot, exploits the Discord platform for its Command and Control operations, embedding malicious activity behind legitimate traffic. Its advanced evasion capabilities pose significant challenges for defenders.

Threat actors are increasingly using Discord webhooks as covert command-and-control channels within open-source packages, allowing for the stealthy exfiltration of sensitive data. This tactic leverages hard-coded webhook URLs to bypass security measures and exfiltrate secrets from developer environments.