Aikido Security has introduced Aikido Endpoint, a lightweight security agent designed to safeguard developer devices from rising software supply chain attacks. With this launch, the company aims to address a growing security gap by blocking malicious packages, IDE extensions, browser plugins, and even AI-driven tools before they are installed.

The release comes at a critical time, as supply chain attacks in the open-source ecosystem continue to surge. Recently, a threat group known as TeamPCP executed a series of coordinated attacks by chaining stolen credentials across multiple major projects, including Trivy, Checkmarx KICS, LiteLLM, and Telnyx, all within a span of ten days. Shortly after, another high-profile incident compromised Axios through a hijacked maintainer account, impacting millions of users globally.

Notably, all these attacks shared a common entry point: developer devices. These systems often store sensitive credentials such as cloud access keys, SSH configurations, npm publish tokens, and Kubernetes settings. As a result, compromising a single developer machine can trigger widespread damage, including the distribution of malicious code across entire software ecosystems. Despite this risk, many organizations still treat developer endpoints like standard corporate laptops, leaving them vulnerable.

Moreover, the threat landscape is evolving rapidly. On one hand, the barrier to creating supply chain malware has significantly decreased. On the other hand, AI-powered coding tools are now autonomously pulling dependencies and integrating packages, which further expands the attack surface. According to Aikido’s threat intelligence engine, the number of malicious packages detected daily has surged past 100,000, a sharp increase from around 20,000 just a year ago.

To counter these risks, Aikido Endpoint takes a proactive approach by operating directly on the developer’s device. Unlike traditional tools that focus on repositories or CI/CD pipelines, this solution monitors all installations in real time and blocks suspicious activity before it can cause harm. Additionally, it enforces security policies such as a minimum package age, preventing the installation of newly published packages within their first 48 hours, the period when threats are most likely to go undetected.
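The minimum-package-age policy described above can be reproduced in a few lines. The following is an added illustration written for this article, not Aikido's code: it evaluates a requested install against a 48-hour minimum age using registry metadata in the shape npm returns under its "time" key (a map from version string to ISO-8601 publish timestamp). The package name "example-lib", its timestamps, and the fixed reference clock are constructed for the example; unknown versions are blocked rather than allowed, so the check fails closed.

```python
from datetime import datetime, timedelta, timezone

# Policy value taken from the article: block versions younger than 48 hours.
MIN_PACKAGE_AGE = timedelta(hours=48)

# Constructed sample in the shape of an npm registry document's "time" map
# (version -> ISO-8601 publish time). The package and dates are hypothetical.
SAMPLE_PACKAGE_METADATA = {
    "name": "example-lib",
    "time": {
        "created": "2024-01-01T00:00:00.000Z",
        "1.0.0": "2024-01-01T00:00:00.000Z",
        "1.0.1": "2024-03-10T12:00:00.000Z",
        "1.1.0": "2024-03-14T09:30:00.000Z",
    },
}

# Fixed reference clock so the example is deterministic (constructed value).
SAMPLE_NOW = datetime(2024, 3, 15, 12, 0, tzinfo=timezone.utc)


def parse_npm_time(ts: str) -> datetime:
    """Parse npm-style timestamps: millisecond precision with a trailing 'Z'."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)


def package_age(metadata: dict, version: str, now: datetime) -> timedelta:
    """Age of one published version relative to `now`; KeyError if unknown."""
    return now - parse_npm_time(metadata["time"][version])


def check_min_age(metadata: dict, version: str, now: datetime,
                  min_age: timedelta = MIN_PACKAGE_AGE) -> tuple:
    """Return (allowed, reason) for installing metadata['name']@version.

    Fails closed: a version with no publish time is blocked, and a publish
    time in the future (clock skew or tampered metadata) yields a negative
    age, which is also below the minimum and therefore blocked.
    """
    name = metadata.get("name", "<unknown>")
    times = metadata.get("time", {})
    if version not in times:
        return False, f"{name}@{version}: no publish time in registry metadata; blocking"
    age = now - parse_npm_time(times[version])
    if age < min_age:
        return False, (f"{name}@{version}: published {age} ago, younger than "
                       f"policy minimum of {min_age}; blocking")
    return True, f"{name}@{version}: published {age} ago; allowed"


def blocked_installs(metadata: dict, versions: list, now: datetime) -> list:
    """Evaluate a batch of requested versions and return those the policy blocks."""
    return [v for v in versions if not check_min_age(metadata, v, now)[0]]


if __name__ == "__main__":
    for v in ["1.0.1", "1.1.0", "9.9.9"]:
        allowed, reason = check_min_age(SAMPLE_PACKAGE_METADATA, v, SAMPLE_NOW)
        print("ALLOW" if allowed else "BLOCK", reason)
```

A real pre-install hook would fetch the metadata for the requested package from the registry and pass the current UTC time as `now`; the decision logic stays the same. The fail-closed handling matters in practice: a missing or future-dated publish time is exactly the kind of anomaly a policy engine should not wave through.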

The platform offers broad coverage across popular ecosystems, including npm, PyPI, Maven, NuGet, VS Code extensions, browser plugins, and AI marketplaces. Furthermore, it builds on Aikido’s existing Safe Chain tool, extending its capabilities into an enterprise-ready solution with governance controls and approval workflows.

“Writing a supply chain attack used to require real skill. Now you need an $8 ChatGPT subscription. In twelve months, we went from single-package compromises to self-replicating worms to full CI/CD pipeline hijacks chaining across registries. Aikido Endpoint is built for this new reality,” said Charlie Eriksen, Lead Security Researcher at Aikido.

“The developer device is the Achilles’ heel of the software supply chain. These machines hold the credentials, the publish tokens, and the keys to production. Most organizations have zero visibility into what’s being installed on them – by human or agent. Endpoint puts a security layer between the open internet and every developer machine in the company,” added Willem Delbare, co-founder and CEO of Aikido.

Overall, Aikido Endpoint represents a shift toward endpoint-level security in the fight against supply chain threats. By focusing on the developer device, the solution aims to close a critical vulnerability and strengthen enterprise defenses against increasingly sophisticated cyberattacks.
