The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

Rapid7's Q3 2025 Threat Landscape Report

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
A New Meeting Invite, or a New Attack Vector?

A New Meeting Invite, or a New Attack Vector?

Read post
Rapid7’s Mid-Year Threat Review

Rapid7 Blog

Rapid7’s Mid-Year Threat Review

Tom Caiazza's avatar

Tom Caiazza

What's New in CVSS v4

Exposure Management

What's New in CVSS v4

Devin Krugly's avatar

Devin Krugly

Metasploit Weekly Wrap-Up: Aug. 11, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 11, 2023

Christopher Granleese's avatar

Christopher Granleese

Patch Tuesday - August 2023

Detection and Response

Patch Tuesday - August 2023

Adam Barnett's avatar

Adam Barnett

A Message from Rapid7 CEO, Corey Thomas

Rapid7 Blog

A Message from Rapid7 CEO, Corey Thomas

Corey Thomas's avatar

Corey Thomas

Metasploit Weekly Wrap-Up: Aug. 4, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 4, 2023

Zachary Goldman's avatar

Zachary Goldman

Why Physical Social Engineering Engagements are an Important Part of Security

Exposure Management

Why Physical Social Engineering Engagements are an Important Part of Security

Bennett Gogarty's avatar

Bennett Gogarty

Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market

Threat Research

Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market

Deral Heiland's avatar

Deral Heiland

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Exposure Management

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Stephen Fewer's avatar

Stephen Fewer

InsightAppSec Advanced Authentication Settings: Token Replacement

Products and Tools

InsightAppSec Advanced Authentication Settings: Token Replacement

Shane Queeney's avatar

Shane Queeney

New InsightCloudSec Compliance Pack for CIS AWS Benchmark 2.0.0

Exposure Management

New InsightCloudSec Compliance Pack for CIS AWS Benchmark 2.0.0

James Alaniz's avatar

James Alaniz

How To Present SecOps Metrics (The Right Way)

Industry Trends

How To Present SecOps Metrics (The Right Way)

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: July 28, 2023

Exposure Management

Metasploit Weekly Wrap-Up: July 28, 2023

Christophe De La Fuente's avatar

Christophe De La Fuente

PenTales: There Are Many Ways to Infiltrate the Cloud

Exposure Management

PenTales: There Are Many Ways to Infiltrate the Cloud

Arvind Vishwakarma's avatar

Arvind Vishwakarma

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

Threat Research

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

Drew Burton's avatar

Drew Burton

Metasploit Weekly Wrap Up: July 21, 2023

Exposure Management

Metasploit Weekly Wrap Up: July 21, 2023

Jack Heysel's avatar

Jack Heysel

PenTales: Testing Security Health for a Healthcare Company

Industry Trends

PenTales: Testing Security Health for a Healthcare Company

Aaron Tennison's avatar

Aaron Tennison

The Japanese Technology and Media Attack Landscape

Threat Research

The Japanese Technology and Media Attack Landscape

Tom Caiazza's avatar

Tom Caiazza

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Exposure Management

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Stephen Fewer's avatar

Stephen Fewer

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Exposure Management

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Caitlin Condon's avatar

Caitlin Condon

Managing Risk Across Hybrid Environments with Executive Risk View

Cloud and Devops Security

Managing Risk Across Hybrid Environments with Executive Risk View

Pauline Logan's avatar

Pauline Logan