Security Insights
Deep dives, expert analysis, and practical guidance on exposure management, adversarial validation, and the future of AI-driven exposure management.
How Strobes AI Turns a Supply Chain Zero-Day into a Full Exposure Assessment in Under 30 Minutes
When the axios npm package was compromised on March 31, 2026, Strobes AI agents autonomously performed incident response, identified every exposed repository across the attack surface, and generated a complete exposure assessment with remediation tasks in under 30 minutes.
Axios npm Supply Chain Attack: 83M Weekly Downloads Compromised by Cross-Platform RAT
On March 31, 2026, attackers compromised the axios npm maintainer account and published backdoored versions deploying a cross-platform RAT to macOS, Windows, and Linux. Full incident breakdown with IOCs, detection guidance, and real-time AI-driven response.
How One Phishing Email Compromised 18 npm Packages and Billions of Installs
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and 2FA codes, attackers injected crypto-stealing malware i