Rapid7 Cybersecurity Blog & Latest Vulnerability News

Vulnerabilities and Exploits

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Stephen Fewer

Vulnerabilities and Exploits

BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

Tyler McGraw

Vulnerabilities and Exploits

CVE-2025-48045, CVE-2025-48046, CVE-2025-48047: MICI NetFax Server Product Vulnerabilities (NOT FIXED)

Anna Katarina Quinn

Vulnerabilities and Exploits

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Anna Širokova, Ivan Feigl

Vulnerabilities and Exploits

Multiple vulnerabilities in Ingress NGINX Controller for Kubernetes

Stephen Fewer

Vulnerabilities and Exploits

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

Deral Heiland

Vulnerabilities and Exploits

Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)

Stephen Fewer

Vulnerabilities and Exploits

New “CleverSoar” Installer Targets Chinese and Vietnamese Users

Natalie Zargarov

Vulnerabilities and Exploits

Malware Campaign Lures Users With Fake W2 Form

Tom Elkins

Vulnerabilities and Exploits

Metasploit Weekly Wrap-Up 7/19/2024

Christophe De La Fuente

Vulnerabilities and Exploits

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Rapid7

Vulnerabilities and Exploits

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Dani Kamanovsky

Vulnerabilities and Exploits

Backdoored XZ Utils (CVE-2024-3094)

Rapid7

Vulnerabilities and Exploits

How To Hunt For UEFI Malware Using Velociraptor

Matthew Green

Vulnerabilities and Exploits

CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)

Stephen Fewer

Vulnerabilities and Exploits

CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API

Stephen Fewer

Vulnerabilities and Exploits

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

Dr. Mike Cohen

Vulnerabilities and Exploits

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Caitlin Condon

Vulnerabilities and Exploits

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Rapid7

Vulnerabilities and Exploits

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Rapid7

Vulnerabilities and Exploits

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Categories

Popular Tags

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

CVE-2025-48045, CVE-2025-48046, CVE-2025-48047: MICI NetFax Server Product Vulnerabilities (NOT FIXED)

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Multiple vulnerabilities in Ingress NGINX Controller for Kubernetes

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)

New “CleverSoar” Installer Targets Chinese and Vietnamese Users