The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Metasploit Weekly Wrap-Up 06/17/2025

Products and Tools

Metasploit Weekly Wrap-Up 06/17/2025

Simon Janusz's avatar

Simon Janusz

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Detection and Response

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Rapid7's avatar

Rapid7

Critical Veeam Backup & Replication CVE-2025-23121

Vulnerabilities and Exploits

Critical Veeam Backup & Replication CVE-2025-23121

Rapid7's avatar

Rapid7

Key Takeaways from the Take Command Summit 2025: Rise of the Machines – Building Cyber Resilience with AI

Industry Trends

Key Takeaways from the Take Command Summit 2025: Rise of the Machines – Building Cyber Resilience with AI

Rapid7's avatar

Rapid7

Outsmarting Risk: New Ebook Shows You How to Shift from Reactive Security to Strategic Exposure Management

Exposure Management

Outsmarting Risk: New Ebook Shows You How to Shift from Reactive Security to Strategic Exposure Management

Rapid7's avatar

Rapid7

Metasploit Wrap-Up 06/20/2025

Products and Tools

Metasploit Wrap-Up 06/20/2025

Jack Heysel's avatar

Jack Heysel

Key Takeaways from the Take Command Summit 2025: Inside the SOC – Expert Stories from the Frontlines of Threat Hunting and Malware Detection

Industry Trends

Key Takeaways from the Take Command Summit 2025: Inside the SOC – Expert Stories from the Frontlines of Threat Hunting and Malware Detection

Rapid7's avatar

Rapid7

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Vulnerabilities and Exploits

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Calum Hutton's avatar

Calum Hutton

Metasploit Wrap-Up 06/27/25

Products and Tools

Metasploit Wrap-Up 06/27/25

Spencer McIntyre's avatar

Spencer McIntyre

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Vulnerabilities and Exploits

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Deral Heiland's avatar

Deral Heiland

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Vulnerabilities and Exploits

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Stephen Fewer's avatar

Stephen Fewer

3 Ways Social Engineering Is Evolving and What Security Teams Must Do Next

Industry Trends

3 Ways Social Engineering Is Evolving and What Security Teams Must Do Next

Emma Burdett's avatar

Emma Burdett

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

Industry Trends

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

Rapid7's avatar

Rapid7

Key Takeaways from the Take Command Summit 2025: AI in Action – How Rapid7 is Redefining Security Operations

Industry Trends

Key Takeaways from the Take Command Summit 2025: AI in Action – How Rapid7 is Redefining Security Operations

Rapid7's avatar

Rapid7

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Threat Research

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Christiaan Beek's avatar

Christiaan Beek

Metasploit Wrap-Up 07/03/2025

Products and Tools

Metasploit Wrap-Up 07/03/2025

Jack Heysel's avatar

Jack Heysel

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Threat Research

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Rapid7 Labs's avatar

Rapid7 Labs

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Vulnerabilities and Exploits

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Brandon Fisher's avatar

Brandon Fisher

Coverage Plus Context Equals Intelligent Exposure Management

Vulnerabilities and Exploits

Coverage Plus Context Equals Intelligent Exposure Management

Joel Alcon's avatar

Joel Alcon

Being Fearless in Pentesting: Testing Sensitive Resources

Security Operations

Being Fearless in Pentesting: Testing Sensitive Resources

Anna Katarina Quinn's avatar

Anna Katarina Quinn

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Vulnerabilities and Exploits

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Stephen Fewer's avatar

Stephen Fewer