Your earliest warning for supply chain threats
Aikido Intel is the real-time supply chain intelligence feed. We detect malware and vulnerabilities in open-source ecosystems within minutes.
Most Recent
Protect Developer Devices
from Supply Chain Attacks.
Block malicious packages, IDE extensions, browser plugins, and AI tools before install.
Latest Publications
Subscribe to hear about
critical security incidents
We'll send you updates on incidents as and when they happen
Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer
Attackers injected a credential stealer into 200+ versions of popular Laravel-Lang packages, delivering a credential stealer targeting cloud keys, SSH keys, browsers, crypto wallets and more.
.png)
Google API keys keep working after you delete them
Deleting a Google API key doesn't revoke it immediately. Our testing found successful authentications up to 23 minutes after deletion, and Google has declined to fix it.
The Wild West of VS Code extensions and how a poisoned extension breached GitHub
A poisoned VS Code extension breached GitHub yesterday, one day after Nx Console (2.2M installs) was compromised for 18 minutes on the Visual Studio Marketplace and reached every user with auto-update on.
Our Intel, your security
Our engine automates security analysis using the same methodologies trusted by professional pentesters.
License the Intel Database
Use our threat intelligence to strengthen your internal security operations. Get access through our commercial API.
Protect Developer Devices
Block malicious packages, IDE extensions, browser plugins, and AI tools before install.
Secure Your Supply Chain
Secure third-party dependencies, identify real threats, remediate automatically with Aikido.
Are You Affected?
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
SOC 2Compliant
ISO 27001Compliant