CVE-2017-16077
CVE-2017-16077 concerns the npm package named mongose, described across multiple sources as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The package was unpublished from the npm registry, and advisories emphasize removal from affected environmen...