Blog

Security Insights

Deep dives, expert analysis, and practical guidance on exposure management, adversarial validation, and the future of AI-driven exposure management.

Data BreachesCybersecurity

Top 10 Data Breaches of April 2026

The biggest data breaches of April 2026 ranked and analyzed, from Checkmarx supply chain poisoning to Salesforce misconfigurations and ransomware hitting two major US banks.

May 1, 202615 min

Best AI Pentesting Tools in 2026 - Ranked Priced and Compared

Penetration TestingCTEM

Best AI Pentesting Tools in 2026: Ranked, Priced & Compared (12 Tools)

Which AI pentesting tool actually reduces risk in 2026? We reviewed 12 platforms on autonomy, proof quality, pricing, and what happens after a vulnerability is found.

Apr 9, 202627 min

CTEMPenetration Testing

Is Claude Mythos the End of Pentesting?

Claude Mythos found thousands of zero-days in Linux, browsers, and Apache. Does that make pentesting platforms obsolete? Understanding why models, harnesses, and platforms are three different things -- and why smarter AI makes Strobes more valuable, not less.

Apr 8, 202612 min

Strobes VI Supply Chain Attacks Ransomware Groups Threat Actors - Featured Image

Product UpdatesVulnerability Intelligence

Strobes VI Now Tracks Supply Chain Attacks, Ransomware Groups, and Threat Actors

224,487 supply chain incidents. 1,251 threat actors. Ransomware groups tracked in real time. Strobes VI now provides the threat intelligence layer that powers proactive exposure management, starting with the lessons from the Axios npm compromise.

Apr 3, 202611 min

How Strobes AI Turns a Supply Chain Zero-Day into Full Exposure Assessment

CTEMCybersecurity

How Strobes AI Turns a Supply Chain Zero-Day into a Full Exposure Assessment in Under 30 Minutes

When the axios npm package was compromised on March 31, 2026, Strobes AI agents autonomously performed incident response, identified every exposed repository across the attack surface, and generated a complete exposure assessment with remediation tasks in under 30 minutes.

Mar 31, 202610 min

CTEMVulnerability Intelligence

Axios npm Supply Chain Attack: 83M Weekly Downloads Compromised by Cross-Platform RAT

On March 31, 2026, attackers compromised the axios npm maintainer account and published backdoored versions deploying a cross-platform RAT to macOS, Windows, and Linux. Full incident breakdown with IOCs, detection guidance, and real-time AI-driven response.

Mar 31, 20269 min

Offensive SecurityCTEM

Strobes AI: The Agent Stack Specialized for Offensive Security

A deep-dive into the multi-agent architecture behind Strobes AI — 12 purpose-built offensive security agents, the Skills system, Human in the Loop governance, and the architectural properties that make continuous exposure management viable at scale.

Mar 27, 20268 min

A Poisoned PyPI Package Hit 36 Percent of Cloud Environments

LLM SecurityCybersecurity

A Poisoned PyPI Package Quietly Hit 36 Percent of Cloud Environments Through LiteLLM

LiteLLM 1.82.7 and 1.82.8 silently swept AWS credentials, Kubernetes configs, and SSH keys from 3.4 million daily installs. Here is exactly what the payload did and how Strobes AI detects and shuts it down.

Mar 26, 202612 min

What is an Exposure Assessment Platform - Strobes CTEM Guide

CTEMVulnerability Management

What is an Exposure Assessment Platform? The Complete Guide for Security Leaders

An Exposure Assessment Platform (EAP) is the connective tissue that unifies, normalizes, prioritizes, and mobilizes remediation across your entire attack surface. This guide covers how EAPs work, why they replace traditional vulnerability management, and how to evaluate one for your CTEM program.

Mar 25, 202613 min

CTEM

Driving CTEM Adoption Across the Enterprise

Most enterprises are not short on security activity. They run scanners, onboard new tools, commission assessments, run internal reviews, and publish regular risk reports. Yet exposure still slips through. Incidents still trace back to issues that were already known. Teams still debate what matters m

Feb 9, 202612 min

CTEM

Top 10 Exposure Management Platforms That Truly Reduce Risks

If you’ve owned security outcomes for any length of time, the shift is clear. Counting CVEs no longer tells you whether risk is actually going down. Attack surfaces expand continuously, change faster than teams can track, and traditional scanners struggle to show what attackers are actually exploiti

Feb 3, 202620 min

CTEM

2025, The Year We Stopped Building Features and Started Building Outcomes

Let me be real with you. 2025 wasn't about launching a hundred features and patting ourselves on the back. It was about asking one uncomfortable question: Are we actually helping security teams reduce exposure, or are we just giving them another dashboard to stare at? The answer shaped everything we

Dec 30, 202515 min