CVE-2017-16045
CVE-2017-16045 corresponds to a malicious npm package named jquery.js that hijacks environment variables. The malware was published as a package and later unpublished from the npm registry; it targets any environment where the package is installed, exfiltrating sensitive values to attacker-contro...