Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The last few months have made something clear. Attackers are not guessing anymore. They are watching how developers install dependencies and they are using timing itself as an attack vector. Fresh versions are where attackers strike first and they strike fast. So we upgraded Safe Chain to close that window.

Dependency issues are easiest to address when they show up directly in the development workflow. With this release, we’re bringing the full SCA workflow into the Aikido IDE extension, combining in-editor scanning with the ability to apply safe upgrades through AutoFix. Developers can detect vulnerable packages and resolve them without switching tools or breaking focus.

We’ve all been there: you send an API request, wait for the response, and boom, you get hit with the “CORS error” pops up in your browser console. For many developers, the first instinct is to find a quick fix: add Access-Control-Allow-Origin: * and move on. However, that approach misses the point entirely. CORS isn’t just another configuration hurdle, but one of the most important browser security mechanisms ever built.

We brought together Ian Moritz, Deployed Engineer at Cognition, and Mackenzie Jackson from Aikido Security for a live masterclass on AI-assisted coding. The goal wasn’t to hype new tools. It was to talk about how developers can stay in control while AI starts writing, testing, and securing code beside them.

As part of Aikido’s Security Masterclass series, Mackenzie Jackson sat down with Bill Harmer (CISO, Supabase) and Etienne Stalmans (Security Engineer, Supabase) to explore how Supabase approaches security as part of design, not something to bolt on later. From Row Level Security (RLS) to the risks of AI-assisted coding, the discussion focused on what it takes to build fast and stay secure.