Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As part of Aikido’s Security Masterclass series, Mackenzie Jackson sat down with Bill Harmer (CISO, Supabase) and Etienne Stalmans (Security Engineer, Supabase) to explore how Supabase approaches security as part of design, not something to bolt on later. From Row Level Security (RLS) to the risks of AI-assisted coding, the discussion focused on what it takes to build fast and stay secure.

We brought together Ian Moritz, Deployed Engineer at Cognition, and Mackenzie Jackson from Aikido Security for a live masterclass on AI-assisted coding. The goal wasn’t to hype new tools. It was to talk about how developers can stay in control while AI starts writing, testing, and securing code beside them.

Highlights from BSides Chicago 2025, where we explored cloud-native identity risks, from service principal abuse to Kubernetes misconfigs and control-plane compromise tactics.

The battle against cyber threats is never-ending — and mobile is the new battleground. Modern workers now rely on mobile devices to access sensitive information, often using a single device for personal and professional purposes. As a result, malicious actors have sensed a blind spot and are using these devices as the first line of attack to gain a foothold into secure systems. 1.2 million enterprise employees were exposed to mobile phishing attacks in Q2 2025.

Vulnerability reports shouldn’t read like riddles. Seemplicity’s Clarity AI Agent transforms dense, technical scanner output into clear, contextual language everyone can understand — bridging the gap between security, IT, and engineering. Discover how Clarity makes every finding readable, actionable, and ready for remediation.

Building an exposure management program is just the beginning of a long journey. True success comes from scaling that program through continuous optimization, measurable progress, and organizational alignment. As enterprises expand their digital footprint, exposure management must evolve from reactive vulnerability remediation to a proactive, data-driven discipline that continuously strengthens resilience.

Within 24 hours, three new high-severity vulnerabilities were disclosed in runc, the low-level runtime that underpins most container platforms, including Docker, containerd, Kubernetes, and nearly every major cloud provider’s managed Kubernetes service. These vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) allow a malicious container image to break out of the container boundary and affect the host machine directly.

Part of our two-part series on the evolution from EASM to EEM. This post explains how External Exposure Management becomes an operational muscle that empowers continuous defense, real-time remediation, and proactive protection. External exposure is now the frontline of cyber defense. These are the assets attackers can reach without authentication, without privilege escalation, and without internal access. That means speed and agility are not luxuries they are non-negotiable.

Software has become the foundation of numerous companies and institutions worldwide, which has made the protection of source code critical in today’s digital environment. Code security refers to such measures that are put in place to guard this asset against fraudsters, theft, and attacks among others.

Excessive user permissions leave the doors open to costly data breaches and compliance issues. Regular user access reviews can safeguard your organization against these risks, ensuring that access permissions align with current user roles and responsibilities. In this article, you’ll discover best practices and a practical checklist to make reviews of user access easier.