aikido | no bullsh*t security for devs
aikidosecurity.bsky.social
No bullsh*t security for devs.

Secure code, cloud, and runtime in one central system. Fix issues automatically.

Get back to building. 🔗 aikido.dev
Key findings:
• 1 in 5 have faced a serious breach linked to AI code
• 96% believe AI will one day write secure code
• 65% say false positives are driving risky behavior

Read the full report -> www.aikido.dev/state-of-ai-...
State of AI in Security & Development 2026: CISOs & Devs Respond to AI Risks
450 CISOs and developers reveal how AI is reshaping security and software development, and how teams are responding to new risks and real breaches.
www.aikido.dev
October 22, 2025 at 1:01 PM
We’re entering a new chapter in pentesting and we’re excited to have the teams from Allseek and Haicker with us on this journey.

Get early access → www.aikido.dev/attack/aipen...
Aikido Attack | Autonomous AI Pentests
Audit-ready pentests without the wait. Full report in days, instant retests, low cost, and continuous validation powered by AI agents.
www.aikido.dev
September 24, 2025 at 8:42 AM
Reposted by aikido | no bullsh*t security for devs
it appears the same attackers also compromised the JavaScript package duckdb (~350k downloads a week):

https://www.aikido.dev/blog/duckdb-npm-packages-compromised
duckdb npm packages compromised
The popular package duckdb was compromised by the same attackers that hit debug and chalk
www.aikido.dev
September 9, 2025 at 4:16 PM
with a combined 2 billion weekly downloads, this is one of the largest supply chain attacks in npm history
September 8, 2025 at 3:47 PM
• supports-color (287.1m downloads per week)
• strip-ansi (261.17m downloads per week)
• chalk (299.99m downloads per week)
• debug (357.6m downloads per week)
• ansi-styles (371.41m downloads per week)
September 8, 2025 at 3:45 PM
• error-ex (47.17m downloads per week)
• color-name (191.71m downloads per week)
• is-arrayish (73.8m downloads per week)
• slice-ansi (59.8m downloads per week)
• color-convert (193.5m downloads per week)
• wrap-ansi (197.99m downloads per week)
• ansi-regex (243.64m downloads per week)
September 8, 2025 at 3:45 PM
• backslash (0.26m downloads per week)
• chalk-template (3.9m downloads per week)
• supports-hyperlinks (19.2m downloads per week)
• has-ansi (12.1m downloads per week)
• simple-swizzle (26.26m downloads per week)
• color-string (27.48m downloads per week)
September 8, 2025 at 3:45 PM
UPDATE: A massive supply-chain compromise has affected packages with over 2 billion weekly downloads owned by the popular maintainer qix

These include:
• ansi-regex (243.64m downloads per week)
• supports-color (287.1m downloads per week)
• strip-ansi (261.17m downloads per week)
September 8, 2025 at 3:45 PM
Trag is now part of Aikido. We sat down with Trag co-founder to talk AI, code quality, and what the future looks like. And yes… there was sake involved.

Full episode → www.youtube.com/watch?v=zUxe...
The Future of Code Reviews in the AI Era – Cyber & Sake Podcast Clip with Khachatur Virabyan
YouTube video by The Secure Disclosure | Cyber, Sake, More.
www.youtube.com
September 5, 2025 at 12:05 PM