The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

Threat Research

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

Drew Burton's avatar

Drew Burton

Metasploit Weekly Wrap Up: July 21, 2023

Exposure Management

Metasploit Weekly Wrap Up: July 21, 2023

Jack Heysel's avatar

Jack Heysel

PenTales: Testing Security Health for a Healthcare Company

Industry Trends

PenTales: Testing Security Health for a Healthcare Company

Aaron Tennison's avatar

Aaron Tennison

The Japanese Technology and Media Attack Landscape

Threat Research

The Japanese Technology and Media Attack Landscape

Tom Caiazza's avatar

Tom Caiazza

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Exposure Management

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Stephen Fewer's avatar

Stephen Fewer

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Exposure Management

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Caitlin Condon's avatar

Caitlin Condon

Managing Risk Across Hybrid Environments with Executive Risk View

Cloud and Devops Security

Managing Risk Across Hybrid Environments with Executive Risk View

Pauline Logan's avatar

Pauline Logan

Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities

Vulnerabilities and Exploits

Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities

Caitlin Condon's avatar

Caitlin Condon

[Lost Bots] S03 E04 A Security Leader’s Playbook for the C-suite

Industry Trends

[Lost Bots] S03 E04 A Security Leader’s Playbook for the C-suite

Amy Hunt's avatar

Amy Hunt

Metasploit Weekly Wrap-Up: July 14, 2023

Exposure Management

Metasploit Weekly Wrap-Up: July 14, 2023

Navya Harika Karaka's avatar

Navya Harika Karaka

The Japanese Financial Services Attack Landscape

Threat Research

The Japanese Financial Services Attack Landscape

Tom Caiazza's avatar

Tom Caiazza

PenTales: Old Vulnerabilities, New Tricks

Exposure Management

PenTales: Old Vulnerabilities, New Tricks

Austin Guidry's avatar

Austin Guidry

Old Blackmoon Trojan, NEW Monetization Approach

Exposure Management

Old Blackmoon Trojan, NEW Monetization Approach

Natalie Zargarov's avatar

Natalie Zargarov

SonicWall Recommends Urgent Patching for GMS and Analytics CVEs

Exposure Management

SonicWall Recommends Urgent Patching for GMS and Analytics CVEs

Caitlin Condon's avatar

Caitlin Condon

Patch Tuesday - July 2023

Detection and Response

Patch Tuesday - July 2023

Adam Barnett's avatar

Adam Barnett

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Exposure Management

CVE-2023-29298: Adobe ColdFusion Access Control Bypass

Stephen Fewer's avatar

Stephen Fewer

What’s New in Rapid7 Detection & Response: Q2 2023 in Review

Products and Tools

What’s New in Rapid7 Detection & Response: Q2 2023 in Review

Stacy Moran's avatar

Stacy Moran

Metasploit Weekly Wrap-Up: 7/7/23

Exposure Management

Metasploit Weekly Wrap-Up: 7/7/23

Dean Welch's avatar

Dean Welch

Showcasing SecOps Metrics That Matter

Security Operations

Showcasing SecOps Metrics That Matter

Rapid7's avatar

Rapid7

The Japanese Automotive Industry Attack Landscape

Rapid7 Blog

The Japanese Automotive Industry Attack Landscape

Tom Caiazza's avatar

Tom Caiazza

PenTales: “User enumeration is not a vulnerability” – I beg to differ

Exposure Management

PenTales: “User enumeration is not a vulnerability” – I beg to differ

Ben Leiden's avatar

Ben Leiden