Rapid7 Cybersecurity Blog & Latest Vulnerability News

Threat Research

New Report: The Digital Footprints of Many Executives Can Leave Their Companies Seriously Exposed

Rapid7

Detection and Response

Alert Fatigue Isn’t Going Away. Here’s How Modern SOCs Are Fighting Back

Rapid7

Products and Tools

Metasploit Wrap-Up 02/20/2026

Diego Ledda

Industry Trends

Hacktivism and the Winter Olympics 2026: What We’re Seeing and What it Signals

Emma Burdett

Vulnerabilities and Exploits

The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP

Douglas McKee

Vulnerabilities and Exploits

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)

Stephen Fewer

Cloud and Devops Security

Building the Future of Cloud Security: Rapid7 Recognized in Cloud Native Application Protection, Q1 2026

Rapid7

Products and Tools

Metasploit Wrap-Up 02/13/2026

Christopher Granleese

Threat Research

Carding-as-a-Service: The Underground Market of Stolen Cards

Alexandra Blia, Maor Weinberger +1

Exposure Management

Patch Tuesday - February 2026

Adam Barnett

Threat Research

Measuring AI Security: Separating Signal from Panic

Christiaan Beek

Vulnerabilities and Exploits

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Rapid7

Vulnerabilities and Exploits

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Rapid7

Products and Tools

Metasploit Wrap-Up 02/06/2026

Christopher Granleese

Threat Research

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Rapid7

Culture

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

Rapid7

Industry Trends

ICYMI: Experts on Experts – Season One Roundup

Emma Burdett

Threat Research

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Ivan Feigl

Products and Tools

Metasploit Wrap-Up 01/30/2026

Spencer McIntyre

Vulnerabilities and Exploits

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Rapid7

Vulnerabilities and Exploits

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Adam Barnett

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Categories

Popular Tags

New Report: The Digital Footprints of Many Executives Can Leave Their Companies Seriously Exposed

Alert Fatigue Isn’t Going Away. Here’s How Modern SOCs Are Fighting Back

Metasploit Wrap-Up 02/20/2026

Hacktivism and the Winter Olympics 2026: What We’re Seeing and What it Signals

The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)

Building the Future of Cloud Security: Rapid7 Recognized in Cloud Native Application Protection, Q1 2026

Metasploit Wrap-Up 02/13/2026

Carding-as-a-Service: The Underground Market of Stolen Cards

Patch Tuesday - February 2026

Measuring AI Security: Separating Signal from Panic

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Metasploit Wrap-Up 02/06/2026

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

ICYMI: Experts on Experts – Season One Roundup

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Metasploit Wrap-Up 01/30/2026

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

The Rapid7 Blog:Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Categories

Categories

Popular Tags

Popular Tags

New Report: The Digital Footprints of Many Executives Can Leave Their Companies Seriously Exposed

Alert Fatigue Isn’t Going Away. Here’s How Modern SOCs Are Fighting Back

Metasploit Wrap-Up 02/20/2026

Hacktivism and the Winter Olympics 2026: What We’re Seeing and What it Signals

The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)

Building the Future of Cloud Security: Rapid7 Recognized in Cloud Native Application Protection, Q1 2026

Metasploit Wrap-Up 02/13/2026

Carding-as-a-Service: The Underground Market of Stolen Cards

Patch Tuesday - February 2026

Measuring AI Security: Separating Signal from Panic

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Metasploit Wrap-Up 02/06/2026

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

ICYMI: Experts on Experts – Season One Roundup

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Metasploit Wrap-Up 01/30/2026

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

The Rapid7 Blog:
Your Signal in the Security Noise