The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

Rapid7's Q3 2025 Threat Landscape Report

The End of Legacy SIEM as we Know it

A New Meeting Invite, or a New Attack Vector?

3610 Results

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Threat Research

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Christiaan Beek

Metasploit Wrap-Up 07/03/2025

Products and Tools

Metasploit Wrap-Up 07/03/2025

Jack Heysel

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Threat Research

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Rapid7 Labs

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Vulnerabilities and Exploits

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Brandon Fisher

Coverage Plus Context Equals Intelligent Exposure Management

Vulnerabilities and Exploits

Coverage Plus Context Equals Intelligent Exposure Management

Joel Alcon

Being Fearless in Pentesting: Testing Sensitive Resources

Security Operations

Being Fearless in Pentesting: Testing Sensitive Resources

Anna Katarina Quinn

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Vulnerabilities and Exploits

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Stephen Fewer

Key Takeaways from the Take Command Summit 2025: Demystifying Cloud Detection & Response – The Future of SOC and MDR

Industry Trends

Key Takeaways from the Take Command Summit 2025: Demystifying Cloud Detection & Response – The Future of SOC and MDR

Rapid7

Patch Tuesday - June 2025

Rapid7 Blog

Patch Tuesday - June 2025

Adam Barnett

BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

Vulnerabilities and Exploits

BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

Tyler McGraw

5 Things Security Leaders Need to Know About Agentic AI

Artificial Intelligence

5 Things Security Leaders Need to Know About Agentic AI

Emma Burdett

Metasploit Wrap-Up 06/06/2025

Products and Tools

Metasploit Wrap-Up 06/06/2025

Rapid7

Cultivating Growth and Development at Rapid7

Culture

Cultivating Growth and Development at Rapid7

Rapid7

India's Cyber Leaders Prepare for AI-Driven Threats

Culture

India's Cyber Leaders Prepare for AI-Driven Threats

Rapid7

Navigating AWS Migration: Achieving Clarity and Confidence

Cloud and Devops Security

Navigating AWS Migration: Achieving Clarity and Confidence

Tim Schmidt

Rapid7 Q1 2025 Incident Response Findings

Detection and Response

Rapid7 Q1 2025 Incident Response Findings

Chris Boyd

Introducing AI Attack Coverage in Exposure Command: Secure what traditional AppSec Tools miss

Security Operations

Introducing AI Attack Coverage in Exposure Command: Secure what traditional AppSec Tools miss

Michael Chroney

From Ideology to Financial Gain: Exploring the Convergence from Hacktivism to Cybercrime

Threat Research

From Ideology to Financial Gain: Exploring the Convergence from Hacktivism to Cybercrime

Alexandra Blia, Yaniv Allender

Key Takeaways from the Take Command Summit 2025: Risk Revolution – Proactive Strategies for Exposure Management

Industry Trends

Key Takeaways from the Take Command Summit 2025: Risk Revolution – Proactive Strategies for Exposure Management

Rapid7

Seeing Is Securing: How Surface Command Expands MDR Visibility and Impact

Products and Tools

Seeing Is Securing: How Surface Command Expands MDR Visibility and Impact

Conner Goldstein

Metasploit Wrap-Up 05/30/2025

Exposure Management

Metasploit Wrap-Up 05/30/2025

Spencer McIntyre