The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Carding-as-a-Service: The Underground Market of Stolen Cards

Threat Research

Carding-as-a-Service: The Underground Market of Stolen Cards

Alexandra Blia's avatar
Maor Weinberger's avatar

Alexandra Blia, Maor Weinberger +1

Measuring AI Security: Separating Signal from Panic

Threat Research

Measuring AI Security: Separating Signal from Panic

Christiaan Beek's avatar

Christiaan Beek

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Threat Research

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Rapid7's avatar

Rapid7

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Threat Research

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Ivan Feigl's avatar

Ivan Feigl

Beyond the Device: Exploring the New Security Risks of Interconnected IoT at CES 2026

Threat Research

Beyond the Device: Exploring the New Security Risks of Interconnected IoT at CES 2026

Deral Heiland's avatar

Deral Heiland

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Threat Research

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Milan Spinka's avatar

Milan Spinka

From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars

Threat Research

From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars

Alexandra Blia's avatar
Gal Givon's avatar

Alexandra Blia, Gal Givon

Threat Landscape of the Building and Construction Sector Part Two: Ransomware

Threat Research

Threat Landscape of the Building and Construction Sector Part Two: Ransomware

Jeremy Makowski's avatar

Jeremy Makowski

Attackers accelerate, adapt, and automate: Rapid7’s Q3 2025 Threat Landscape Report

Threat Research

Attackers accelerate, adapt, and automate: Rapid7’s Q3 2025 Threat Landscape Report

Rapid7's avatar

Rapid7

Threat Landscape of the Building and Construction Sector, Part One: Initial Access, Supply Chain, and the Internet of Things

Threat Research

Threat Landscape of the Building and Construction Sector, Part One: Initial Access, Supply Chain, and the Internet of Things

Jeremy Makowski's avatar

Jeremy Makowski

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

Threat Research

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

Rapid7 Labs's avatar

Rapid7 Labs

Inside Russian Market: Uncovering the Botnet Empire

Threat Research

Inside Russian Market: Uncovering the Botnet Empire

Alexandra Blia's avatar
Maor Weinberger's avatar

Alexandra Blia, Maor Weinberger

Crimson Collective: A New Threat Group Observed Operating in the Cloud

Threat Research

Crimson Collective: A New Threat Group Observed Operating in the Cloud

Jakub Zvarik's avatar

Jakub Zvarik

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

Threat Research

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

Rapid7 Labs's avatar

Rapid7 Labs

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 2)

Threat Research

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 2)

Anna Katarina Quinn's avatar

Anna Katarina Quinn

Compromise for Sale: Inside the Rapid7 2025 Access Brokers Report

Threat Research

Compromise for Sale: Inside the Rapid7 2025 Access Brokers Report

Rapid7's avatar

Rapid7

DisguiseDelimit: Rapid7 talks NAS exploitation at DEF CON 33

Threat Research

DisguiseDelimit: Rapid7 talks NAS exploitation at DEF CON 33

Rapid7's avatar

Rapid7

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)

Threat Research

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)

Anna Katarina Quinn's avatar

Anna Katarina Quinn

Q2 2025 Ransomware Trends Analysis: Boom and Bust

Threat Research

Q2 2025 Ransomware Trends Analysis: Boom and Bust

Chris Boyd's avatar

Chris Boyd

Emerging Trends in AI-Related Cyberthreats in 2025: Impacts on Organizational Cybersecurity

Threat Research

Emerging Trends in AI-Related Cyberthreats in 2025: Impacts on Organizational Cybersecurity

Jeremy Makowski's avatar

Jeremy Makowski

Filch Stealer: A new infostealer leveraging old techniques

Threat Research

Filch Stealer: A new infostealer leveraging old techniques

Ivan Feigl's avatar

Ivan Feigl