Rapid7 Cybersecurity Blog & Latest Vulnerability News

Products and Tools

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

Ed Montgomery

Threat Research

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Milan Spinka

Products and Tools

Metasploit Wrap-Up 12/12/2025

Spencer McIntyre

Vulnerabilities and Exploits

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Deral Heiland, Sam Moses

Industry Trends

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Jeremy Makowski

Exposure Management

Patch Tuesday - December 2025

Adam Barnett

Vulnerabilities and Exploits

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Ryan Emmons

Products and Tools

Metasploit Wrap-Up 12/05/2025

Jack Heysel

Industry Trends

Voices of the Experts: What to Expect from Our Predictions Webinar

Rapid7

Vulnerabilities and Exploits

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

Rapid7

Industry Trends

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Rapid7

Detection and Response

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7

Products and Tools

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Jon Schipp

Products and Tools

Metasploit Wrap-Up 11/28/2025

Simon Janusz

Threat Research

From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars

Alexandra Blia, Gal Givon

Products and Tools

Metasploit Wrap-Up 11/21/2025

Alan David Foster

Cloud and Devops Security

Onboard at Cloud Speed with Rapid7 and AWS IAM Delegation

Rapid7

Cloud and Devops Security

Introducing Rapid7 Curated Intelligence Rules for AWS Network Firewall

Rapid7

Vulnerabilities and Exploits

CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)

Ryan Emmons

Industry Trends

The State of Security Today: Setting the Stage for 2026

Rapid7

Products and Tools

Metasploit Wrap-Up 11/14/2025

Brendan Watters

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Categories

Popular Tags

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Metasploit Wrap-Up 12/12/2025

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Patch Tuesday - December 2025

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Metasploit Wrap-Up 12/05/2025

Voices of the Experts: What to Expect from Our Predictions Webinar

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Metasploit Wrap-Up 11/28/2025

From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars

Metasploit Wrap-Up 11/21/2025

Onboard at Cloud Speed with Rapid7 and AWS IAM Delegation

Introducing Rapid7 Curated Intelligence Rules for AWS Network Firewall

CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)

The State of Security Today: Setting the Stage for 2026

Metasploit Wrap-Up 11/14/2025

The Rapid7 Blog:Your Signal in the Security Noise

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Categories

Categories

Popular Tags

Popular Tags

Dynamic EASM Discovery: Continuous Discovery for a Changing Attack Surface

SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums

Metasploit Wrap-Up 12/12/2025

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Patch Tuesday - December 2025

CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)

Metasploit Wrap-Up 12/05/2025

Voices of the Experts: What to Expect from Our Predictions Webinar

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

From Policy to Practice: Why Cyber Resilience Needs a Reboot

Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide

Rapid7 Helps Lower Your Cost to Assurance for HITRUST

Metasploit Wrap-Up 11/28/2025

From Extortion to E-commerce: How Ransomware Groups Turn Breaches into Bidding Wars

Metasploit Wrap-Up 11/21/2025

Onboard at Cloud Speed with Rapid7 and AWS IAM Delegation

Introducing Rapid7 Curated Intelligence Rules for AWS Network Firewall

CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)

The State of Security Today: Setting the Stage for 2026

Metasploit Wrap-Up 11/14/2025

The Rapid7 Blog:
Your Signal in the Security Noise