CVE-2017-16070

Name of the Vulnerable Software and Affected Versions: nodecaffe versions all

Description: The nodecaffe package is a piece of malware designed to steal environment variables and send them to attacker-controlled locations. All versions of this package have been unpublished from the npm registry. If installed, the primary security concern is determining how the package was introduced into the environment.

Recommendations: Delete the nodecaffe package from your environment. Clear your npm cache to prevent any potential reuse of the malicious package. Ensure nodecaffe is not present in any other package.json files on your system to prevent reinstallation. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been exposed via environment variables. Review any services that may have been exposed via credentials in your environment variables, such as databases, for indicators of compromise.