IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer...

EUVD-2025-209487

Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue...

CVE-2025-67841

Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmic complexity issue...

Nordic Semiconductor IronSide SE 安全漏洞

Nordic Semiconductor IronSide SE is a security development environment software developed by the Norwegian company Nordic Semiconductor. There are security vulnerabilities in Nordic Semiconductor IronSide SE for nRF54H20 versions up to 23.0.2+17. These vulnerabilities stem from algorithmic...

MAL-2026-1755 Malicious code in iron-demo-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eab1a57b93ed5fd15072cc6fcf50181933725cba4d6f98da5b81a99bec5f71e The package iron-demo-helpers was found to contain malicious code...

Malicious code in iron-demo-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2eab1a57b93ed5fd15072cc6fcf50181933725cba4d6f98da5b81a99bec5f71e The package iron-demo-helpers was found to contain malicious code...

Malicious Package

Overview iron-pages is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview iron-menu-behavior is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview iron-selector is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview iron-fit-behavior is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview iron-overlay-behavior is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview iron-localstorage is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in iron-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b219543968961b0fe1a0bd84edace79d5f998e51149888798e20f08acd032d4 The package iron-selector was found to contain malicious code. Source: ghsa-malware 7cf6c5d1914db2c2a15acb98795a4adddfd3847f9e921c75e4b9f0e2a1890946...

Malicious Package

Overview iron-signals is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in iron-fit-behavior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d3440b6e1d8f6bfca21cf53c207a766d966cc2ba5033d8557c044c91a8b950 The package iron-fit-behavior was found to contain malicious code. Source: ghsa-malware...

Malicious code in iron-overlay-behavior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1c6c5a0c7da957deff9af5f6e981a6d5cf588394ad85aaaa9456657d49604e The package iron-overlay-behavior was found to contain malicious code. Source: ghsa-malware...

Malicious code in iron-menu-behavior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c995f11c44e1f5cd41f7a3c63d4070a2d738168a7fcc5a61f8f9e8ddbd6f00c The package iron-menu-behavior was found to contain malicious code. Source: ghsa-malware...

Malicious code in iron-signals (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015416030a87f010b10b6babdffd64778563cfccdc5ad2fa610f456be6314658 The package iron-signals was found to contain malicious code. Source: ghsa-malware 2845ee24242fc511c6b3d7ad1fe8ed0ab3feb42f943edae6255d0a72f2b88460 A...

Malicious code in iron-localstorage (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b4370af9c8f0db5604f7bc2648c64054140ea6fbcfebd4eef181c7330efaf77 The package iron-localstorage was found to contain malicious code. Source: ghsa-malware...

Malicious code in iron-pages (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa0828e4b92294651d9b815203d5e2e7cbe45cce351dfa340bb6a79481a4a0cd The package iron-pages was found to contain malicious code. Source: ghsa-malware ec5456f01c9dadf3a140d1cd4974007405b2fdf1a9f1639c264a194555229ec4 Any...