Aikido Security
Aikido Security acquires Root to expand backported fixes for open source vulnerabilities
Aikido Security has acquired Root, uniting behind a shared mission to make it easy for developers and agents to build with secure open source and tackle the growing threat of …
Security testing was built for a slower world
Software teams are pushing code into production faster than security testing can keep up. AI is accelerating development cycles and adding pressure to security programs that …
Deleted Google API keys keep working for up to 23 minutes, researchers warn
Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make API calls, rack up …
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software …
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in …
Betterleaks: Open-source secrets scanner
Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that …
New infosec products of the month: February 2026
Here’s a look at the most interesting products from the past month, featuring releases from Aikido Security, Avast, Armis, Black Duck, Compliance Scorecard, Fingerprint, …
Aikido Infinite introduces continuous, self-remediating AI penetration testing
Aikido Security has unveiled Aikido Infinite, a continuous AI penetration testing solution that autonomously validates and remediates vulnerabilities. Infinite reduces risk …
Waiting for AI superintelligence? Don’t hold your breath
AI’s impact on systems, security, and decision-making is already permanent. Superintelligence, often referred to as artificial superintelligence (ASI), describes a …
Security teams debate how much to trust AI
AI is reshaping how organizations operate, defend systems, and interpret risk. Reports reveal rising AI-driven attacks, hidden usage across enterprises, and widening gaps …
When AI writes code, humans clean up the mess
AI coding tools are reshaping how software is written, tested, and secured. They promise speed, but that speed comes with a price. A new report from Aikido Security shows that …
Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The …
Featured news
Resources
Don't miss
- Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)
- SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)
- AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin
- Vulnerability reports are arriving faster than GitHub can review them
- JSP webshells being dropped on unpatched PTC Windchill instances