Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containerization, a form of lightweight virtualization, lets applications inhabit their own self-contained environments. Each container packages everything an application needs to run – code, runtime, libraries – keeping it neatly separated from everything else. This isolation is a big deal because it means a problem in one container won’t bring down the whole environment.

Our Aikido Intel team has been identifying undisclosed open-source vulnerabilities using LLM-driven analysis and human verification. Now, we’re expanding our supply chain security research to detect and track malware in open-source packages, cheaper, better, & faster than what exists today.

On March 13th 2025, our malware analysis engine alerted us to a potential malicious package that was added to NPM. First indications suggested this would be a clear-cut case, however, when we started peeling back the layers things weren’t quite as they seemed. Here is a story about how sophisticated nation state actors can hide malware within packages.

Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.

On March 19, 2025, the CISA issued a warning about the active exploitation of CVE-2017-12637, a directory traversal vulnerability in SAP NetWeaver AS Java. This vulnerability, originally patched in 2017, has resurfaced due to incomplete mitigations, leading to increased risks for organizations using outdated or misconfigured SAP environments.

Federal Desktop Core Configuration (FDCC) was mandated by the US Office of Management and Budget (OMB) in 2007 and provides a set of security standards that must be adhered to by all federal workstations and laptops running Windows XP or Vista. FDCC evolved into the United States Government Configuration Baseline (USGCB) starting in 2010, although some agencies and contracts may still be under lingering FDCC compliance obligations.

Despite advancements in API security, access control vulnerabilities, such as broken object-level authentication (BOLA) and broken function-level authentication (BFLA), remain almost impossible to detect. This blog will explore why these vulnerabilities are so difficult to detect, the limitations of current security tools, and the implications for businesses relying on API-driven applications. It will also discuss potential approaches for improving API security posture.