So if you applied the Java update promptly, there's most likely nothing here for you to worry about.
Sabpab (which apparently gets its name from its use of a file called com.apple.PubSabAgent.pfile, a similar name to the legitimate com.Apple.PubSubAgent.plist) sets up a backdoor on infected Macs.
"It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely," said Graham Cluley, senior technology consultant, Sophos.
Sabpab is detected by security products from Sophos, Symantec and (presumably) other vendors.
It is easily removed manually by deleting /Users/