Rapid7 Cybersecurity Blog & Latest Vulnerability News

Products and Tools

Metasploit 2025 Annual Wrap-Up

Spencer McIntyre

Products and Tools

What’s New in Rapid7 Products & Services: H2 2025 in Review

Margaret Wei

Vulnerabilities and Exploits

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Rapid7

Products and Tools

Metasploit Wrap-Up 12/19/2025

Spencer McIntyre

Vulnerabilities and Exploits

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Rapid7

Vulnerabilities and Exploits

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Rapid7

Products and Tools

Test for React2Shell with Application Security using New Functionality

Rapid7

Products and Tools

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

Ed Montgomery

Threat Research

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Milan Spinka

Products and Tools

Metasploit Wrap-Up 12/12/2025

Spencer McIntyre

Vulnerabilities and Exploits

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Deral Heiland, Sam Moses

Industry Trends

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Jeremy Makowski

Exposure Management

Patch Tuesday - December 2025

Adam Barnett

Vulnerabilities and Exploits

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Ryan Emmons

Products and Tools

Metasploit Wrap-Up 12/05/2025

Jack Heysel

Industry Trends

Voices of the Experts: What to Expect from Our Predictions Webinar

Rapid7

Vulnerabilities and Exploits

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

Rapid7

Industry Trends

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Rapid7

Detection and Response

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7

Products and Tools

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Jon Schipp

Products and Tools

Metasploit Wrap-Up 11/28/2025

Simon Janusz

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Popular Tags

Metasploit 2025 Annual Wrap-Up

What’s New in Rapid7 Products & Services: H2 2025 in Review

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Metasploit Wrap-Up 12/19/2025

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Test for React2Shell with Application Security using New Functionality

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Metasploit Wrap-Up 12/12/2025

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Patch Tuesday - December 2025

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Metasploit Wrap-Up 12/05/2025

Voices of the Experts: What to Expect from Our Predictions Webinar

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Metasploit Wrap-Up 11/28/2025

The Rapid7 Blog:Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Categories

Popular Tags

Popular Tags

Metasploit 2025 Annual Wrap-Up

What’s New in Rapid7 Products & Services: H2 2025 in Review

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Metasploit Wrap-Up 12/19/2025

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Test for React2Shell with Application Security using New Functionality

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Metasploit Wrap-Up 12/12/2025

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Patch Tuesday - December 2025

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Metasploit Wrap-Up 12/05/2025

Voices of the Experts: What to Expect from Our Predictions Webinar

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Metasploit Wrap-Up 11/28/2025

The Rapid7 Blog:
Your Signal in the Security Noise