.avif)
Vulnerabilities & Threats
Multiple JetBrains IDE plugins caught stealing AI keys
A coordinated campaign of at least 15 JetBrains IDE plugins, published under seven vendor accounts, exfiltrates the AI provider API key you paste into their settings.
.jpg)
10 year old critical vulnerability in phpBB affecting tens of millions of users across thousands of forums
Aikido Security discovered a critical unauthenticated authentication bypass in phpBB affecting tens of millions of users. A single HTTP request is all it takes to take over any account — a vulnerability that's been sitting in the codebase since 2014.
npm backdoor lets hackers hijack gambling outcomes
A targeted npm supply chain attack installs an Express backdoor, enables remote SQL/file access, and rewrites gambling balances while keeping logs consistent.
npx Confusion: Packages That Forgot to Claim Their Own Name
We claimed 128 unclaimed npm package names that official docs told developers to npx. Seven months later: 121,000 downloads. All would have run arbitrary code.
Fake Clawdbot VS Code Extension Installs ScreenConnect RAT
A malicious VS Code extension impersonating Clawdbot is installing ScreenConnect RAT on developer machines.
G_Wagon: npm Package Deploys Python Stealer Targeting 100+ Crypto Wallets
npm package ansi-universal-ui delivers GWagon infostealer targeting 100+ crypto wallets, browser credentials, and cloud keys. We analyzed all 10 versions as the attacker iterated in real-time.
Gone Phishin': npm Packages Serving Custom Credential Harvesting Pages
A targeted spear-phishing campaign used npm packages and jsDelivr as free phishing infrastructure, serving custom credential harvesters per victim
Malicious PyPI Packages spellcheckpy and spellcheckerpy Deliver Python RAT
Attackers published fake spellchecker packages to PyPI with malware hidden in plain sight. We break down the attack and what developers need to watch for.
Agent Skills Are Spreading Hallucinated npx Commands
AI agent skills are propagating hallucinated npx commands, creating real security and reliability risks for developers and supply chains.
Critical n8n Vulnerability Allows Unauthenticated Remote Code Execution (CVE-2026-21858)
A critical vulnerability in n8n (CVE-2026-21858) allows unauthenticated remote code execution on self-hosted instances. Learn who is affected and how to remediate.
JavaScript, MSBuild, and the Blockchain: Anatomy of the NeoShadow npm Supply-Chain Attack
A deep technical analysis of the NeoShadow npm supply-chain attack, detailing how JavaScript, MSBuild, and blockchain techniques were combined to compromise developers.
Vulnerabilities & Threats
Cut through the noise with real-world CVE breakdowns, malware analysis, exploits, and emerging risks.
Customer Stories
See how teams like yours are using Aikido to simplify security and ship with confidence.
Get secure now
Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.
