Aikido
Start for Free
No CC required

Raphael Silva

Security Reseacher
Raphael is a security researcher at Aikido. His vulnerability research has resulted in multiple published CVEs and has presented on security topics at DEFCON and OWASP Global AppSec. Before Aikido, Raphael was a lead security researcher at Checkmarx.
Mythos
Aikido Device Protection
Aikido Endpoint
Pypi
Secrets
Aikido Zen
IDOR vulnerabilities
IDE Security
Announcements
European Cyber Security
Continuous Pentesting
AI Safety
Self-securing Software
SSDLC
VS Code
AI Penetration Testing
Threat Modeling
Cyber Resilience Act
Triaging
AutoTriage
Pentesting
Bazel
Code Quality
OWASP
NIS2
Legaltech
fintech
RASP
End of Life
SQL Injections
DAST
cnapp
CSPM
ASPM
Infrastructure as a Code IaC
Network Security Monitoring
License Scanners
SBOM
Container Scanning
AppSec
Vulnerabilities
Software Supply Chain Security
API
Dependencies
Continuous Security Monitoring
DevSecOps
Vibe Coding
AI
NPM
autofix
Malware
Article
open-source
SCA
intel
SOC 2
usecase
Tools
SAST
Compliance
CircleCI
Codeship
IMDSv2
Cloud
IMDSv1
SSRF
AWS

Blog posts by Raphael Silva

May 20, 2026
Vulnerabilities & Threats

The Wild West of VS Code extensions and how a poisoned extension breached GitHub

A poisoned VS Code extension breached GitHub yesterday, one day after Nx Console (2.2M installs) was compromised for 18 minutes on the Visual Studio Marketplace and reached every user with auto-update on.

Tags/

#VS Code

#Software Supply Chain Security

#Aikido Endpoint

May 19, 2026
Vulnerabilities & Threats

Microsoft's durabletask package on PyPi Compromised. Mini Shai Hulud attacks again... again!

Three progressively compromised versions of a Microsoft-adjacent Python package deliver a full-featured infostealer that spreads through AWS and Kubernetes, exfiltrates every cloud credential it can find, and wipes disks on Israeli and Iranian systems

Tags/
No items found.
May 12, 2026
Vulnerabilities & Threats

Mini Shai-Hulud Is Back: npm Worm Hits over 160 Packages, including Mistral and Tanstack

Mini Shai-Hulud is back, compromising 169 npm packages across TanStack, UiPath, Squawk, and more to steal developer and CI/CD secrets, then spread through trusted publishing workflows.

Tags/

#Malware

April 29, 2026
Vulnerabilities & Threats

Mini Shai-Hulud Targets SAP npm Packages With a Bun-Based Secret Stealer

Compromised SAP npm packages use a Bun-based preinstall payload to steal GitHub, npm, cloud, and CI secrets, then spread via GitHub using OhNoWhatsGoingOnWithGitHub.

Tags/

#Malware

#NPM

March 18, 2026
Vulnerabilities & Threats

fast-draft Open VSX Extension Compromised by BlokTrooper

The fast-draft Open VSX extension was compromised to deploy a BlokTrooper RAT and infostealer via GitHub-hosted payloads. Multiple malicious versions identified.

Tags/

#Malware

#open-source

March 16, 2026
Vulnerabilities & Threats

Glassworm Strikes Popular React Native Phone Number Packages

Aikido Security researchers recovered and decrypted the full payload chain from two malicious React Native packages. Here's what the malware does and what to look for.

Tags/

#Malware

#NPM

Get secure now

Secure your code, cloud, and runtime in one central system.
Find and fix vulnerabilities fast automatically.

Start Scanning
No CC required
Book a demo
No credit card required | Scan results in 32secs.