The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

Rapid7's Q3 2025 Threat Landscape Report

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
A New Meeting Invite, or a New Attack Vector?

A New Meeting Invite, or a New Attack Vector?

Read post
Simplifying Security Programs with Nexpose 5.7

Products and Tools

Simplifying Security Programs with Nexpose 5.7

rpoppa's avatar

rpoppa

Metasploit 4.7's New MetaModules Simplify Security Testing

Rapid7 Blog

Metasploit 4.7's New MetaModules Simplify Security Testing

Christian Kirsch's avatar

Christian Kirsch

Metasploit Design Contest: So Much Win!

Products and Tools

Metasploit Design Contest: So Much Win!

Tod Beardsley's avatar

Tod Beardsley

If you can't explain it simply, you don't understand it well enough

Industry Trends

If you can't explain it simply, you don't understand it well enough

kevinbeaver's avatar

kevinbeaver

Patch Tuesday - July Edition!

Detection and Response

Patch Tuesday - July Edition!

Ross Barrett's avatar

Ross Barrett

Assessing risk using Security Intelligence

Products and Tools

Assessing risk using Security Intelligence

Eric Reiners's avatar

Eric Reiners

Good Exploits Never Die: Return of CVE-2012-1823

Vulnerabilities and Exploits

Good Exploits Never Die: Return of CVE-2012-1823

Juan Vazquez's avatar

Juan Vazquez

Metasploit Update: Those Sneaky IPMI Devices

Products and Tools

Metasploit Update: Those Sneaky IPMI Devices

Tod Beardsley's avatar

Tod Beardsley

Introducing RiskRater - a free tool for benchmarking endpoint, mobile and user risk management programs

Rapid7 Blog

Introducing RiskRater - a free tool for benchmarking endpoint, mobile and user risk management programs

Roy Hodgman's avatar

Roy Hodgman

A Penetration Tester's Guide to IPMI and BMCs

Products and Tools

A Penetration Tester's Guide to IPMI and BMCs

HD Moore's avatar

HD Moore

Customer Spotlight with Adept Mobile: Ever wonder how the New England Patriots/Miami Dolphins/Boston Celtics handle website demand capacity

Products and Tools

Customer Spotlight with Adept Mobile: Ever wonder how the New England Patriots/Miami Dolphins/Boston Celtics handle website demand capacity

Rapid7's avatar

Rapid7

Weekly Update: Fun with ZPanel, MoinMoin, and FreeBSD

Vulnerabilities and Exploits

Weekly Update: Fun with ZPanel, MoinMoin, and FreeBSD

Egypt's avatar

Egypt

From the Wild to Metasploit: Exploit for MoinMoin Wiki (CVE-2012-6081)

Vulnerabilities and Exploits

From the Wild to Metasploit: Exploit for MoinMoin Wiki (CVE-2012-6081)

Juan Vazquez's avatar

Juan Vazquez

Weekly Update: Smaller is Better

Products and Tools

Weekly Update: Smaller is Better

Egypt's avatar

Egypt

Cross-site Scripting (XSS) Attacks vs SQL Injection Attacks (SQLi)

Rapid7 Blog

Cross-site Scripting (XSS) Attacks vs SQL Injection Attacks (SQLi)

drew's avatar

drew

Video Tutorial - Installing Kali Linux on Bootable, Persistent USB

Rapid7 Blog

Video Tutorial - Installing Kali Linux on Bootable, Persistent USB

webpwnized's avatar

webpwnized

Custom Vulnerability Checks using Nexpose's Vulnerability Schemas

Rapid7 Blog

Custom Vulnerability Checks using Nexpose's Vulnerability Schemas

Jon Hart's avatar

Jon Hart

Patch Tuesday - June Edition

Rapid7 Blog

Patch Tuesday - June Edition

Ross Barrett's avatar

Ross Barrett

Guide to HTTP Header Configuration

Products and Tools

Guide to HTTP Header Configuration

Rapid7 Support's avatar

Rapid7 Support

Weekly Update: The Nginx Exploit and Continuous Testing

Products and Tools

Weekly Update: The Nginx Exploit and Continuous Testing

Tod Beardsley's avatar

Tod Beardsley

John the Ripper 1.8.0

Rapid7 Blog

John the Ripper 1.8.0

solardiz's avatar

solardiz