Malicious 'gruntcli' package stealing environment variables and sending them to attacker controlled locations. All versions unpublished from npm registry. Recommendation for deletion, clearing npm cache, and regenerating sensitive credentials.
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | Code injection | 7 Jun 201802:29 | – | prion |
![]() | CVE-2017-16058 | 7 Jun 201802:29 | – | nvd |
![]() | CVE-2017-16058 | 7 Jun 201802:00 | – | cvelist |
![]() | CVE-2017-16058 | 7 Jun 201802:29 | – | cve |
![]() | Hijacked Environment Variables | 8 Aug 201721:48 | – | nodejs |
![]() | gruntcli is malware | 9 Nov 201817:43 | – | osv |
![]() | Malicious Typo-Squatting | 7 Jun 201805:52 | – | veracode |
![]() | Malicious JavaScript Package Detection | 12 Jun 201800:00 | – | openvas |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo