CVE-2017-16054

Name of the Vulnerable Software and Affected Versions: nodefabric versions all

Description: The issue concerns a malicious module named nodefabric that was published with the intent to hijack environment variables, stealing them and sending the information to attacker-controlled locations. All versions of this module have been unpublished from the npm registry.

Recommendations: Delete the nodefabric package from your environment. Clear your npm cache to remove any residual files. Ensure nodefabric is not present in any other package.json files on your system to prevent reinstallation. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been exposed via environment variables. Review services that may have been exposed via compromised credentials, such as databases, for indicators of compromise.