The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

3611 Results

Active Exploitation of ZK Framework CVE-2022-36537

Threat Research

Active Exploitation of ZK Framework CVE-2022-36537

Stephen Fewer

Executive Webinar: Confronting Security Fears to Control Cyber Risk

Industry Trends

Executive Webinar: Confronting Security Fears to Control Cyber Risk

Rapid7

A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report

Exposure Management

A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report

Tom Caiazza

Metasploit Wrap-Up: 2/24/23

Exposure Management

Metasploit Wrap-Up: 2/24/23

Spencer McIntyre

The Next Generation of Managed Detection and Response is Here

Detection and Response

The Next Generation of Managed Detection and Response is Here

Jake Godgart

Metasploit Wrap-Up: 2/17/23

Exposure Management

Metasploit Wrap-Up: 2/17/23

Jacquie Harris

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

Industry Trends

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

Rapid7

CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report

Security Operations

CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report

Aaron Wells

Patch Tuesday - February 2023

Detection and Response

Patch Tuesday - February 2023

Adam Barnett

A Deep Dive into Reversing CODESYS

Threat Research

A Deep Dive into Reversing CODESYS

Tod Beardsley

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

Products and Tools

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

Rapid7

Metasploit Weekly Wrap-Up: 2/10/23

Exposure Management

Metasploit Weekly Wrap-Up: 2/10/23

Navya Harika Karaka

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Detection and Response

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Erick Galinkin

Evasion Techniques Uncovered: An Analysis of APT Methods

Detection and Response

Evasion Techniques Uncovered: An Analysis of APT Methods

Christiaan Beek

Year In Review: Rapid7 InsightIDR

Products and Tools

Year In Review: Rapid7 InsightIDR

Dina Durutlic

Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI

Rapid7 Blog

Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI

Rapid7

CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability

Vulnerabilities and Exploits

CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability

Glenn Thorpe

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Vulnerabilities and Exploits

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Tod Beardsley

CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products

Exposure Management

CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products

Caitlin Condon

Ransomware Campaign Compromising VMware ESXi Servers

Detection and Response

Ransomware Campaign Compromising VMware ESXi Servers

Caitlin Condon

Metasploit Weekly Wrap-Up: 2/2/23

Exposure Management

Metasploit Weekly Wrap-Up: 2/2/23

Dean Welch