The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Empowering Our Partners: The New Rapid7 Partner Academy Is Hitting The Mark

Culture

Empowering Our Partners: The New Rapid7 Partner Academy Is Hitting The Mark

Rapid7's avatar

Rapid7

Filch Stealer: A new infostealer leveraging old techniques

Threat Research

Filch Stealer: A new infostealer leveraging old techniques

Ivan Feigl's avatar

Ivan Feigl

Rapid7 Recognized by Boston Business Journal as a Best Place to Work

Culture

Rapid7 Recognized by Boston Business Journal as a Best Place to Work

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up 06/17/2025

Products and Tools

Metasploit Weekly Wrap-Up 06/17/2025

Simon Janusz's avatar

Simon Janusz

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Detection and Response

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Rapid7's avatar

Rapid7

Critical Veeam Backup & Replication CVE-2025-23121

Vulnerabilities and Exploits

Critical Veeam Backup & Replication CVE-2025-23121

Rapid7's avatar

Rapid7

Key Takeaways from the Take Command Summit 2025: Rise of the Machines – Building Cyber Resilience with AI

Industry Trends

Key Takeaways from the Take Command Summit 2025: Rise of the Machines – Building Cyber Resilience with AI

Rapid7's avatar

Rapid7

Outsmarting Risk: New Ebook Shows You How to Shift from Reactive Security to Strategic Exposure Management

Exposure Management

Outsmarting Risk: New Ebook Shows You How to Shift from Reactive Security to Strategic Exposure Management

Rapid7's avatar

Rapid7

Metasploit Wrap-Up 06/20/2025

Products and Tools

Metasploit Wrap-Up 06/20/2025

Jack Heysel's avatar

Jack Heysel

Key Takeaways from the Take Command Summit 2025: Inside the SOC – Expert Stories from the Frontlines of Threat Hunting and Malware Detection

Industry Trends

Key Takeaways from the Take Command Summit 2025: Inside the SOC – Expert Stories from the Frontlines of Threat Hunting and Malware Detection

Rapid7's avatar

Rapid7

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Vulnerabilities and Exploits

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Calum Hutton's avatar

Calum Hutton

Metasploit Wrap-Up 06/27/25

Products and Tools

Metasploit Wrap-Up 06/27/25

Spencer McIntyre's avatar

Spencer McIntyre

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Vulnerabilities and Exploits

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Deral Heiland's avatar

Deral Heiland

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Vulnerabilities and Exploits

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Stephen Fewer's avatar

Stephen Fewer

3 Ways Social Engineering Is Evolving and What Security Teams Must Do Next

Industry Trends

3 Ways Social Engineering Is Evolving and What Security Teams Must Do Next

Emma Burdett's avatar

Emma Burdett

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

Industry Trends

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

Rapid7's avatar

Rapid7

Key Takeaways from the Take Command Summit 2025: AI in Action – How Rapid7 is Redefining Security Operations

Industry Trends

Key Takeaways from the Take Command Summit 2025: AI in Action – How Rapid7 is Redefining Security Operations

Rapid7's avatar

Rapid7

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Threat Research

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Christiaan Beek's avatar

Christiaan Beek

Metasploit Wrap-Up 07/03/2025

Products and Tools

Metasploit Wrap-Up 07/03/2025

Jack Heysel's avatar

Jack Heysel

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Threat Research

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Rapid7 Labs's avatar

Rapid7 Labs

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Vulnerabilities and Exploits

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Brandon Fisher's avatar

Brandon Fisher