Aikido Unveils Endpoint Security as Supply Chain Attacks Hit Developers

GHENT, Belgium – April 20, 2026 – As software supply chain attacks reach an unprecedented scale, cybersecurity firm Aikido Security has launched Aikido Endpoint, a security agent aimed at fortifying what many now consider the weakest link in the chain: the developer's own device.

The launch comes on the heels of a historically damaging period for the open-source ecosystem. In March 2026 alone, a series of high-profile attacks shook the development world. A single threat group, dubbed TeamPCP, successfully compromised four major projects—Trivy, Checkmarx KICS, LiteLLM, and Telnyx—in less than two weeks by chaining stolen developer credentials. Days later, Axios, a ubiquitous JavaScript HTTP client with over 100 million weekly downloads, was separately compromised through a hijacked maintainer account.

These incidents underscore a dramatic shift in attacker strategy. Instead of targeting repository infrastructure, they are going directly to the source. Aikido’s new product enters a market where, according to Gartner, 45% of organizations worldwide will have experienced a software supply chain attack by 2025, a threefold increase from 2021.

The Developer's Machine: The New Front Line

For years, enterprise security has focused on production servers and corporate networks, often treating developer workstations with the same security posture as a sales team's laptop. Recent events and mounting data suggest this is a critical oversight. Security experts now refer to the developer device as the 'Achilles’ heel' of the modern software supply chain.

These machines are treasure troves of sensitive access. They hold cloud credentials, package publishing tokens for registries like npm and PyPI, SSH keys for production servers, and Kubernetes configurations. A single compromised developer credential can grant an attacker the ability to publish malicious versions of legitimate software, triggering a catastrophic ripple effect across thousands of downstream organizations that depend on it.

Independent research validates the severity of this risk. A recent report from security firm GitGuardian found that nearly 24 million development secrets were publicly committed to GitHub in the past year, more than double the amount from two years prior. This exposure, combined with the increasing sophistication of attacks, creates a perfect storm. The number of malicious packages detected across major open-source registries grew by over 28% in the last year, with some platforms like the Python Package Index (PyPI) seeing a 400% surge in malicious uploads.

“The developer device is the Achilles’ heel of the software supply chain,” said Willem Delbare, co-founder and CEO of Aikido, in a statement. “These machines hold the credentials, the publish tokens, and the keys to production. Most organizations have zero visibility into what's being installed on them – by human or agent.”

AI's Double-Edged Sword: Amplifying Risk and Demanding New Defenses

The problem is being compounded by the rapid adoption of artificial intelligence in the development process. AI coding agents, while powerful productivity boosters, have also exponentially expanded the attack surface on developer machines. These tools autonomously pull packages, utilize third-party tools, and add new dependencies to a project, often without direct human oversight.

This introduces a new vector for supply chain poisoning. While 95% of organizations report using AI tools for code generation, a recent study found that only 24% conduct full security and quality checks on the output. This gap is not lost on security professionals; 96% view AI agents as a security risk, yet their adoption continues to accelerate.

The March 2026 compromise of LiteLLM, a popular package for interacting with AI models, was a stark reminder of this new reality. By targeting a tool central to AI development, attackers demonstrated the potential for widespread disruption. The OWASP Foundation has even released a Top 10 list of security risks for Large Language Models (LLMs), including training data poisoning and insecure output handling, highlighting the nascent and complex security challenges AI presents.

“Writing a supply chain attack used to require real skill. Now you need an $8 ChatGPT subscription,” noted Charlie Eriksen, Lead Security Researcher at Aikido. “In twelve months, we went from single-package compromises to self-replicating worms to full CI/CD pipeline hijacks chaining across registries. Aikido Endpoint is built for this new reality.”

A New Security Paradigm: Blocking Threats at the Source

In response to this evolving landscape, Aikido Endpoint proposes a different approach. Instead of focusing on code repositories or CI/CD pipelines after the fact, the tool operates as a lightweight agent directly on the developer's device. Its core function is to inspect and block threats before they are ever installed.

The agent monitors every attempted installation across the machine, from package managers like npm and Maven to VS Code extensions, browser plugins, and even skills for AI agents. It cross-references these with Aikido Intel, the company's threat intelligence engine that reportedly identifies over 100,000 new malicious packages daily.

One of its most notable features is the enforcement of protective defaults. By default, Endpoint can be configured to block any package published less than 48 hours ago. This simple but effective rule closes the critical window when new malicious packages are most likely to be distributed and cause damage before they are detected and flagged by the security community.

From Open Source to Enterprise-Grade Security

Aikido Security is not new to this space. The new enterprise product builds upon the success of Safe Chain, the company's popular open-source CLI firewall, which boasts over 200,000 weekly downloads. This open-source project, which already defends against the attack patterns seen in the Axios and TeamPCP compromises, provided the foundation and developer community trust for this enterprise-grade evolution.

Aikido Endpoint is the next step, designed for organizational-level governance. It can be deployed and managed through existing Mobile Device Management (MDM) systems and includes request-and-approval workflows for when a developer needs access to a blocked package. This provides security teams with granular control and visibility without completely halting development.

Based in Ghent, Belgium, Aikido Security has seen a meteoric rise, reportedly becoming the fastest European cybersecurity company to achieve unicorn status. With a customer base that includes over 100,000 teams from organizations like the Premier League, Revolut, and SoundCloud, the company has established itself as a significant player in the developer security market. The launch of Aikido Endpoint signals a strategic push to secure the most volatile and critical point in the software lifecycle: the developer's own digital workspace.