The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
R7-2014-01, R7-2014-02, R7-2014-03 Disclosures: Exposure of Critical Information Via SNMP Public Community String

Vulnerabilities and Exploits

R7-2014-01, R7-2014-02, R7-2014-03 Disclosures: Exposure of Critical Information Via SNMP Public Community String

Deral Heiland's avatar

Deral Heiland

Oracular Spectacular

Vulnerabilities and Exploits

Oracular Spectacular

Greg Wiseman's avatar

Greg Wiseman

Exploiting CSRF under NoScript Conditions

Vulnerabilities and Exploits

Exploiting CSRF under NoScript Conditions

joev's avatar

joev

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability

Vulnerabilities and Exploits

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability

bperry's avatar

bperry

Metasploit's Brand New Heartbleed Scanner Module (CVE-2014-0160)

Vulnerabilities and Exploits

Metasploit's Brand New Heartbleed Scanner Module (CVE-2014-0160)

Tod Beardsley's avatar

Tod Beardsley

"Hack Away at the Unessential" with ExpLib2 in Metasploit

Vulnerabilities and Exploits

"Hack Away at the Unessential" with ExpLib2 in Metasploit

Wei Chen's avatar

Wei Chen

Metasploit Weekly Update: There's a Bug In Your Brain

Vulnerabilities and Exploits

Metasploit Weekly Update: There's a Bug In Your Brain

Tod Beardsley's avatar

Tod Beardsley

Metasploit Weekly Update: Video Chat, Meterpreter Building, and a Fresh MediaWiki Exploit

Vulnerabilities and Exploits

Metasploit Weekly Update: Video Chat, Meterpreter Building, and a Fresh MediaWiki Exploit

Tod Beardsley's avatar

Tod Beardsley

Weekly Metasploit Update: Feb. 13, 2014

Vulnerabilities and Exploits

Weekly Metasploit Update: Feb. 13, 2014

Tod Beardsley's avatar

Tod Beardsley

Bypassing Adobe Reader Sandbox with Methods Used In The Wild

Vulnerabilities and Exploits

Bypassing Adobe Reader Sandbox with Methods Used In The Wild

Juan Vazquez's avatar

Juan Vazquez

Metasploit Weekly Update: Adobe Reader Exploit and Post-Exploitation YouTube Broadcasting

Vulnerabilities and Exploits

Metasploit Weekly Update: Adobe Reader Exploit and Post-Exploitation YouTube Broadcasting

Tod Beardsley's avatar

Tod Beardsley

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Vulnerabilities and Exploits

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Tod Beardsley's avatar

Tod Beardsley

Weekly Metasploit Update: BrowserExploitServer (BES), IPMI, and KiTrap0D

Vulnerabilities and Exploits

Weekly Metasploit Update: BrowserExploitServer (BES), IPMI, and KiTrap0D

Tod Beardsley's avatar

Tod Beardsley

Exploiting the Supermicro Onboard IPMI Controller

Vulnerabilities and Exploits

Exploiting the Supermicro Onboard IPMI Controller

Juan Vazquez's avatar

Juan Vazquez

Social-Engineer CTF Report Released

Vulnerabilities and Exploits

Social-Engineer CTF Report Released

socialengineer's avatar

socialengineer

Weekly Update: New Exploits for MS13-069, MS13-071

Vulnerabilities and Exploits

Weekly Update: New Exploits for MS13-069, MS13-071

Tod Beardsley's avatar

Tod Beardsley

Change the Theme, Get a Shell: Remote Code Execution with MS13-071

Vulnerabilities and Exploits

Change the Theme, Get a Shell: Remote Code Execution with MS13-071

Juan Vazquez's avatar

Juan Vazquez

ByeBye Shell and the Targeting of Pakistan

Vulnerabilities and Exploits

ByeBye Shell and the Targeting of Pakistan

nex's avatar

nex

Good Exploits Never Die: Return of CVE-2012-1823

Vulnerabilities and Exploits

Good Exploits Never Die: Return of CVE-2012-1823

Juan Vazquez's avatar

Juan Vazquez

Weekly Update: Fun with ZPanel, MoinMoin, and FreeBSD

Vulnerabilities and Exploits

Weekly Update: Fun with ZPanel, MoinMoin, and FreeBSD

Egypt's avatar

Egypt

From the Wild to Metasploit: Exploit for MoinMoin Wiki (CVE-2012-6081)

Vulnerabilities and Exploits

From the Wild to Metasploit: Exploit for MoinMoin Wiki (CVE-2012-6081)

Juan Vazquez's avatar

Juan Vazquez