The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Manage Enterprise Risk at Scale with a Unified, Holistic Approach

Cloud and Devops Security

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

Rapid7's avatar

Rapid7

Patch Tuesday - November 2023

Exposure Management

Patch Tuesday - November 2023

Adam Barnett's avatar

Adam Barnett

Metasploit Weekly Wrap-Up 11/10/23

Products and Tools

Metasploit Weekly Wrap-Up 11/10/23

Brendan Watters's avatar

Brendan Watters

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

Vulnerabilities and Exploits

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

Dr. Mike Cohen's avatar

Dr. Mike Cohen

Be Empathetic and Hug Your CISO More!

Industry Trends

Be Empathetic and Hug Your CISO More!

Owen Holland's avatar

Owen Holland

NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start

Security Operations

NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start

Tom Caiazza's avatar

Tom Caiazza

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Vulnerabilities and Exploits

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Caitlin Condon's avatar

Caitlin Condon

GhostLocker - A “Work In Progress” RaaS

Detection and Response

GhostLocker - A “Work In Progress” RaaS

Natalie Zargarov's avatar

Natalie Zargarov

Setup of Discovery Connection Azure

Products and Tools

Setup of Discovery Connection Azure

Rapid7's avatar

Rapid7

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Vulnerabilities and Exploits

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Nov. 3, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Nov. 3, 2023

Dean Welch's avatar

Dean Welch

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Vulnerabilities and Exploits

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Rapid7's avatar

Rapid7

Is That Smart Home Technology Secure? Here’s How You Can Find Out.

Threat Research

Is That Smart Home Technology Secure? Here’s How You Can Find Out.

Deral Heiland's avatar

Deral Heiland

Metasploit Weekly Wrap-Up: Oct. 27, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 27, 2023

Christopher Granleese's avatar

Christopher Granleese

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Vulnerabilities and Exploits

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Oct. 19, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 19, 2023

Brendan Watters's avatar

Brendan Watters

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Vulnerabilities and Exploits

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Caitlin Condon's avatar

Caitlin Condon

Cloud Webinar Series Part 1: Commanding Cloud Strategies

Products and Tools

Cloud Webinar Series Part 1: Commanding Cloud Strategies

Owen Holland's avatar

Owen Holland

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Vulnerabilities and Exploits

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Ron Bowes's avatar

Ron Bowes

Metasploit Weekly Wrap-Up: Oct. 13, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 13, 2023

Christophe De La Fuente's avatar

Christophe De La Fuente

The Risks of Exposing DICOM Data to the Internet

Threat Research

The Risks of Exposing DICOM Data to the Internet

Christiaan Beek's avatar

Christiaan Beek