Aikido
Start for Free
No CC required

Vulnerabilities & Threats

Subscribe to hear about critical security incidents

We'll send you updates on incidents as and when they happen
Featured
January 27, 2026

Fake Clawdbot VS Code Extension Installs ScreenConnect RAT

A malicious VS Code extension impersonating Clawdbot is installing ScreenConnect RAT on developer machines.

#Malware

#VS Code

January 23, 2026

G_Wagon: npm Package Deploys Python Stealer Targeting 100+ Crypto Wallets

npm package ansi-universal-ui delivers GWagon infostealer targeting 100+ crypto wallets, browser credentials, and cloud keys. We analyzed all 10 versions as the attacker iterated in real-time.

#Malware

#NPM

#Software Supply Chain Security

January 23, 2026

Gone Phishin': npm Packages Serving Custom Credential Harvesting Pages

A targeted spear-phishing campaign used npm packages and jsDelivr as free phishing infrastructure, serving custom credential harvesters per victim

#Malware

#NPM

#Software Supply Chain Security

Subscribe to our changelog.
No spam, guaranteed.

VS Code
AI Penetration Testing
Threat Modeling
Cyber Resilience Act
Triaging
AutoTriage
Pentesting
Bazel
Code Quality
OWASP
NIS2
Legaltech
fintech
RASP
End of Life
SQL Injections
DAST
cnapp
cspm
aspm
Infrastructure as a Code IaC
Network Security Monitoring
License Scanners
SBOM
Container Scanning
AppSec
Vulnerabilities
Software Supply Chain Security
API
Dependencies
Continuous Security Monitoring
DevSecOps
Vibe Coding
AI
NPM
autofix
Malware
Article
open-source
SCA
intel
SOC 2
usecase
Tools
SAST
Compliance
CircleCI
Codeship
IMDSv2
Cloud
IMDSv1
SSRF
AWS
January 27, 2026

Fake Clawdbot VS Code Extension Installs ScreenConnect RAT

A malicious VS Code extension impersonating Clawdbot is installing ScreenConnect RAT on developer machines.

Tags/

#Malware

#VS Code

January 23, 2026

G_Wagon: npm Package Deploys Python Stealer Targeting 100+ Crypto Wallets

npm package ansi-universal-ui delivers GWagon infostealer targeting 100+ crypto wallets, browser credentials, and cloud keys. We analyzed all 10 versions as the attacker iterated in real-time.

Tags/

#Malware

#NPM

#Software Supply Chain Security

January 23, 2026

Gone Phishin': npm Packages Serving Custom Credential Harvesting Pages

A targeted spear-phishing campaign used npm packages and jsDelivr as free phishing infrastructure, serving custom credential harvesters per victim

Tags/

#Malware

#NPM

#Software Supply Chain Security

January 23, 2026

Malicious PyPI Packages spellcheckpy and spellcheckerpy Deliver Python RAT

Attackers published fake spellchecker packages to PyPI with malware hidden in plain sight. We break down the attack and what developers need to watch for.

Tags/

#Malware

#Software Supply Chain Security

#NPM

January 21, 2026

Agent Skills Are Spreading Hallucinated npx Commands

AI agent skills are propagating hallucinated npx commands, creating real security and reliability risks for developers and supply chains.

Tags/

#NPM

#Malware

#Software Supply Chain Security

#AI

#Vibe Coding

January 8, 2026

Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)

A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to remediate.

Tags/

#Vulnerabilities

January 5, 2026

JavaScript, MSBuild, and the Blockchain: Anatomy of the NeoShadow npm Supply-Chain Attack

A deep technical analysis of the NeoShadow npm supply-chain attack, detailing how JavaScript, MSBuild, and blockchain techniques were combined to compromise developers.

Tags/

#NPM

#Malware

January 2, 2026

IDOR Vulnerabilities Explained: Why They Persist in Modern Applications

Learn what an IDOR vulnerability is, why insecure direct object references persist in modern APIs, and why traditional testing tools struggle to detect real authorization failures.

Tags/

#AI

#AI Penetration Testing

#DAST

#SAST

#Vulnerabilities

December 28, 2025

Shai Hulud strikes again - The golden path

A new strain of Shai Hulud has been observed in the wild.

Tags/

#Malware

December 26, 2025

MongoBleed: MongoDB Zlib Vulnerability (CVE-2025-14847) and How to Fix It

MongoBleed, tracked as CVE-2025-14847, allows unauthenticated memory disclosure in MongoDB via zlib compression. See impact and remediation.

Tags/

#Vulnerabilities

December 25, 2025

First Sophisticated Malware Discovered on Maven Central via Typosquatting Attack on Jackson

We uncovered the first sophisticated malware campaign on Maven Central: a typosquatted Jackson package delivering multi-stage payloads and Cobalt Strike beacons via Spring Boot auto-execution.

Tags/

#Malware

December 17, 2025

The Fork Awakens: Why GitHub’s Invisible Networks Break Package Security

A deep dive into a GitHub security flaw where forked commits let attackers spoof dependencies. Understand the commit SHA issue and why package managers need API-level protection.

Tags/

#Software Supply Chain Security

#Malware

#open-source

#NPM

#Dependencies

Customer Stories

See how teams like yours are using Aikido to simplify security and ship with confidence.

See all

Compliance

Stay ahead of audits with clear, dev-friendly guidance on SOC 2, ISO standards, GDPR, NIS, and more.

See all

Guides & Best Practices

Actionable tips, security workflows, and how-to guides to help you ship safer code faster.

See all

DevSec Tools & Comparisons

Deep dives and side-by-sides of the top tools in the AppSec and DevSecOps landscape.

See all

Vulnerabilities & Threats

Cut through the noise with real-world CVE breakdowns, malware analysis, exploits, and emerging risks.

See all

Product & Company Updates

What’s new at Aikido—from product launches to big security wins.

See all

Get secure now

Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.

Start Scanning
No CC required
Book a demo
No credit card required | Scan results in 32secs.