Friday Squid Blogging: Jumbo Flying Squid in the South Pacific

The population needs better conservation. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

Malicious code in conservation_mackerel_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aeb5cd7cc7f0c7f8111cb9e0c6fce328d54505fd7330d2428e045f2457c08d43 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-92674

Malicious code in conservationmothz3n npm...

EUVD-2025-92676

Malicious code in conservationcobraz3n npm...

MAL-2025-113209 Malicious code in conservation_ladybug_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d62a0fd6e97db115f4ce79e531a4e782382b6536d287d5a34a730666894839e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-92675

Malicious code in conservationladybugz3n npm...

EUVD-2025-79557

Malicious code in conservationoxz3n npm...

EUVD-2025-79558

Malicious code in conservationaspz3n npm...

EUVD-2025-82403

Malicious code in conservationwhitefish0xrequest npm...

EUVD-2025-64823

Malicious code in conservationcentipedez3n npm...

EUVD-2025-64827

Malicious code in conservationaphidz3n npm...

Malicious code in conservation_centipede_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cce2ebe904a49f46e2b4a1b9d10501195885e8c45280851de6071bfe0d28535 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-64821

Malicious code in conservationvolez3n npm...

EUVD-2025-64822

Malicious code in conservationhaddockz3n npm...

EUVD-2025-64826

Malicious code in conservationbobcatrequirement npm...

EUVD-2025-64824

Malicious code in conservationcarpz3n npm...

MAL-2025-84248 Malicious code in conservation_iguana_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49e382362b2598ba39eaaf1badc5b203e647433b1f3d90c46307d41d7b3d43f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-55227

Malicious code in conservation-orange-meadowlark npm...

EUVD-2025-55228

Malicious code in conservation-olive-spider npm...

EUVD-2025-55226

Malicious code in conservation-sapphire-clam npm...