6 matches found
nodefabric is malware
The nodefabric package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...
GHSA-8QP3-PVWC-2G4P nodefabric is malware
The nodefabric package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...
Malicious JavaScript Package Detection
Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
CVE-2017-16054
nodefabric was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16054
CVE-2017-16054 corresponds to the npm package nodefabric, which is described in connected advisories as malware that hijacks environment variables. The nodefabric package was published to steal environment variables and exfiltrate them to attacker-controlled locations; all versions have been unpu...
Hijacked Environment Variables
Overview The nodefabric package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real...