The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

Rapid7's Q3 2025 Threat Landscape Report

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
A New Meeting Invite, or a New Attack Vector?

A New Meeting Invite, or a New Attack Vector?

Read post
Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Vulnerabilities and Exploits

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Adam Barnett's avatar

Adam Barnett

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Vulnerabilities and Exploits

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Rapid7's avatar

Rapid7

Threat Actors Using AWS WorkMail in Phishing Campaigns

Detection and Response

Threat Actors Using AWS WorkMail in Phishing Campaigns

Jan Blažek's avatar
Calvin House's avatar

Jan Blažek, Calvin House

The End of the Road for Cisco Kenna: Take a Measured Path into Exposure Management

Exposure Management

The End of the Road for Cisco Kenna: Take a Measured Path into Exposure Management

Michael Chroney's avatar

Michael Chroney

Metasploit Wrap-Up 01/23/2026

Products and Tools

Metasploit Wrap-Up 01/23/2026

Jack Heysel's avatar

Jack Heysel

From Signals to Strategy: What Security Teams Must Prepare for in 2026

Industry Trends

From Signals to Strategy: What Security Teams Must Prepare for in 2026

Rapid7's avatar

Rapid7

Rapid7 MDR Integrates Microsoft Defender Signals to Create Tangible Security Outcomes

Detection and Response

Rapid7 MDR Integrates Microsoft Defender Signals to Create Tangible Security Outcomes

Rapid7's avatar

Rapid7

Metasploit Wrap-Up 01/16/2026

Products and Tools

Metasploit Wrap-Up 01/16/2026

Simon Janusz's avatar

Simon Janusz

Reducing Cloud Chaos: Rapid7 Partners with ARMO to Deliver Cloud Runtime Security

Cloud and Devops Security

Reducing Cloud Chaos: Rapid7 Partners with ARMO to Deliver Cloud Runtime Security

Joel Alcon's avatar

Joel Alcon

Patch Tuesday - January 2026

Exposure Management

Patch Tuesday - January 2026

Adam Barnett's avatar

Adam Barnett

Metasploit Wrap-Up 01/09/2026

Products and Tools

Metasploit Wrap-Up 01/09/2026

Spencer McIntyre's avatar

Spencer McIntyre

Beyond the Device: Exploring the New Security Risks of Interconnected IoT at CES 2026

Threat Research

Beyond the Device: Exploring the New Security Risks of Interconnected IoT at CES 2026

Deral Heiland's avatar

Deral Heiland

Ni8mare and N8scape flaws among multiple critical vulnerabilities affecting n8n

Vulnerabilities and Exploits

Ni8mare and N8scape flaws among multiple critical vulnerabilities affecting n8n

Rapid7's avatar

Rapid7

Key Takeaways and Top Cybersecurity Predictions for 2026

Industry Trends

Key Takeaways and Top Cybersecurity Predictions for 2026

Rapid7's avatar

Rapid7

Metasploit 2025 Annual Wrap-Up

Products and Tools

Metasploit 2025 Annual Wrap-Up

Spencer McIntyre's avatar

Spencer McIntyre

What’s New in Rapid7 Products & Services: H2 2025 in Review

Products and Tools

What’s New in Rapid7 Products & Services: H2 2025 in Review

Margaret Wei's avatar

Margaret Wei

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Vulnerabilities and Exploits

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Rapid7's avatar

Rapid7

Metasploit Wrap-Up 12/19/2025

Products and Tools

Metasploit Wrap-Up 12/19/2025

Spencer McIntyre's avatar

Spencer McIntyre

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Vulnerabilities and Exploits

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Rapid7's avatar

Rapid7

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Vulnerabilities and Exploits

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Rapid7's avatar

Rapid7

Test for React2Shell with Application Security using New Functionality

Products and Tools

Test for React2Shell with Application Security using New Functionality

Rapid7's avatar

Rapid7