# #41 - Aikido MCP, re-testing AI Pentest findings, and Azure Management Group support

### Features

* [Aikido MCP](https://help.aikido.dev/ide-plugins/aikido-mcp) - Aikido MCP brings Aikido’s security knowledge into AI driven workflows by letting AI agents analyze code. This enables AI tools to reason about security risks and fixes without sending code or data to the cloud.
* Re-test individual AI Pentest findings - After applying a fix to confirm whether an issue is actually resolved let Aikido AI Pentest verify the results. This helps teams close findings with confidence without running a full pentest.
* [Azure Management Groups](https://help.aikido.dev/cloud-scanning/connect-your-cloud/azure/connect-azure-management-group-s) - Connect your Azure Management Group once and Aikido will automatically discover all your existing and future groups and subscriptions.

### **Aikido Intel - Malware & Vulnerability Database**

Our research team has discovered over [#165](https://intel.aikido.dev) vulnerabilities over the last month.

We published a detailed blog post on the most significant CVE this month, [a React and Next.js denial of service issue (CVE-2025-55184)](https://www.aikido.dev/blog/react-next-js-dos-vulnerability-cve-2025-55184) and the Bad Dependencies Podcast covered an in depth breakdown of [ShaiHulud 2.0](https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains). You can watch the full episode on [YouTube](https://www.youtube.com/watch?v=gf4s0tyvSk4).

### Improvements

* General - [Broker Helm chart released](https://github.com/AikidoSec/helm-charts/tree/main/broker-client)
* Code Scanning - [Github Enterprise Server on-prem support with Aikido Broker](https://help.aikido.dev/code-scanning/connect-your-source-code/connect-github-enterprise-server-on-prem)
* AutoFix - [Support for Bun](https://help.aikido.dev/aikido-autofix/autofix-for-open-source-dependencies)
* Containers - [Malware detection in containers](https://help.aikido.dev/code-scanning/scanning-practices/malware-detection-in-open-source-dependencies)
* Kubernetes - [New checks for ingress-nginx and MongoDB](https://help.aikido.dev/cloud-scanning/kubernetes-cluster-scanning)
* AI Pentest - GraphQL support
* Code Quality - Automatically ignores generated files
* Domains & API’s - [Added ability to link domains directory to teams](https://help.aikido.dev/getting-started/manage-teams-and-applications/managing-user-access-with-teams#how-to-create-teams)
* Domains & API’s - [Add custom headers for use during API scan](https://help.aikido.dev/dast-surface-monitoring/api-scanning/add-additional-headers-in-api-scanning)
* Domains & API’s - [OTP/2FA support](https://help.aikido.dev/dast-surface-monitoring/using-2fa-in-front-end-and-api-scans)
* Virtual Machines - [New local scanner release](https://help.aikido.dev/virtual-machine-scanning/local-vm-scanning/setting-up-the-local-vm-scanner-linux)
* Zen Firewall - Agent releases for [Dotnet](https://github.com/AikidoSec/firewall-dotnet/releases), [Java](https://github.com/AikidoSec/firewall-java/releases), [Python](https://github.com/AikidoSec/firewall-python/releases), [PHP](https://github.com/AikidoSec/firewall-php/releases), [Ruby](https://github.com/AikidoSec/firewall-ruby/releases) and [Node](https://github.com/AikidoSec/firewall-node/releases)
* IDE - New releases for [VSCode](https://marketplace.visualstudio.com/items?itemName=AikidoSecurity.aikido), [Jetbrains](https://plugins.jetbrains.com/plugin/24993-aikido-security/versions/stable) and [Visual Studio](https://marketplace.visualstudio.com/items?itemName=AikidoSecurity.aikido-visualstudio)
* [Safe-chain releases](https://github.com/AikidoSec/safe-chain)
  * Added full python support (pip, pipx, uv, poetry)
  * Added Circle CI support
  * Allow to configure custom/private npm registries
* Notifications - Email forwarding support
* Reports - [FDA / NTIA Compliant with component hashes and supplier info](https://help.aikido.dev/getting-started/general-information/generate-sbom-based-on-open-source-packages)
* API - [Add Kubernetes cluster](https://apidocs.aikido.dev/reference/createkubernetescloud)
* API - [Start scan on code repository](https://apidocs.aikido.dev/reference/scancoderepo)
* API - [List all CI scans](https://apidocs.aikido.dev/reference/listciscans)
* API - [Get issue reachability analysis](https://apidocs.aikido.dev/reference/getissuereachability)
* API - [Add a note to issue group](https://apidocs.aikido.dev/reference/addnotetoissuegroup)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/changelog/q4-2025/41-aikido-mcp-re-testing-ai-pentest-findings-and-azure-management-group-support.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.