CVE-2017-16052

Name of the Vulnerable Software and Affected Versions: node-fabric versions all

Description: The issue concerns a malicious module named node-fabric that was published with the intent to hijack environment variables, effectively stealing them and sending the data to attacker-controlled locations. All versions of this module have been unpublished from the npm registry.

Recommendations: Delete the node-fabric package from your environment. Clear your npm cache to remove any residual files. Ensure node-fabric is not present in any other package.json files on your system to prevent reinstallation. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been exposed via environment variables. Review any services that may have been exposed via credentials in your environment variables for indicators of compromise, such as database access.