Description
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Affected products
- HackerOne / babelcli node moduleAll versions – All versions
References
- VENDOR_ADVISORYhttps://nodesecurity.io/advisories/499