Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum

Products and Tools

Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum

Brendan Watters's avatar

Brendan Watters

How the “Swiss Cheese” model can help you choose the right MDR provider

Detection and Response

How the “Swiss Cheese” model can help you choose the right MDR provider

David Higgs's avatar

David Higgs

A Day in the Life of an MDR Analyst: Inside the Modern SOC

Industry Trends

A Day in the Life of an MDR Analyst: Inside the Modern SOC

Emma Burdett's avatar

Emma Burdett

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

Vulnerabilities and Exploits

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

Douglas McKee, Director, Vulnerability Intelligence's avatar

Douglas McKee, Director, Vulnerability Intelligence

CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)

Vulnerabilities and Exploits

CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)

Stephen Fewer's avatar

Stephen Fewer

Rapid7 and Exclusive Networks Expand Partnership Across the Nordics

Culture

Rapid7 and Exclusive Networks Expand Partnership Across the Nordics

Mike Ryan's avatar

Mike Ryan

Metasploit Wrap Up 05/29/2026

Products and Tools

Metasploit Wrap Up 05/29/2026

Spencer McIntyre's avatar

Spencer McIntyre

Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

Vulnerabilities and Exploits

Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

Rapid7's avatar

Rapid7

Experts on Experts: Why Compliance is becoming Continuous

Industry Trends

Experts on Experts: Why Compliance is becoming Continuous

Craig Adams's avatar

Craig Adams

Authenticated RCE via Argument Injection in Gogs (NOT FIXED)

Vulnerabilities and Exploits

Authenticated RCE via Argument Injection in Gogs (NOT FIXED)

Jonah Burgess's avatar

Jonah Burgess

How Security Leaders Cut Through Complexity to Drive Better Outcomes

Industry Trends

How Security Leaders Cut Through Complexity to Drive Better Outcomes

Emma Burdett's avatar

Emma Burdett

Metasploit Wrap Up 05/22/2026

Products and Tools

Metasploit Wrap Up 05/22/2026

Martin Sutovsky's avatar

Martin Sutovsky

Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement

Threat Research

Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement

Rapid7 Labs's avatar

Rapid7 Labs

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Exposure Management

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Ed Montgomery's avatar

Ed Montgomery

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

Industry Trends

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

Emma Burdett's avatar

Emma Burdett

Metasploit Wrap-Up 05/15/2026

Products and Tools

Metasploit Wrap-Up 05/15/2026

Martin Sutovsky's avatar

Martin Sutovsky

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Vulnerabilities and Exploits

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Rapid7's avatar

Rapid7

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Vulnerabilities and Exploits

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Jonah Burgess's avatar
Stephen Fewer's avatar

Jonah Burgess, Stephen Fewer

The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers

Vulnerabilities and Exploits

The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers

Douglas McKee, Director, Vulnerability Intelligence's avatar

Douglas McKee, Director, Vulnerability Intelligence

When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise

Threat Research

When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise

Anna Širokova's avatar

Anna Širokova

Rapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services Certifications

Culture

Rapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services Certifications

Rapid7's avatar

Rapid7