CVE-2017-16070
nodecaffe is a malware package published to hijack environment variables and exfiltrate them to attacker-controlled locations. The npm-hosted module has been unpublished across all versions. Affected context from the provided documents shows malware behavior and cleanup guidance: remove the packa...