Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Sunsetting the Public AttackerKB Platform

Vulnerabilities and Exploits

Sunsetting the Public AttackerKB Platform

Douglas McKee, Director, Vulnerability Intelligence's avatar

Douglas McKee, Director, Vulnerability Intelligence

Rapid7 MDR Team Discovers New SonicWall SMA1000 Zero Days being Actively Exploited (CVE-2026-15409, CVE-2026-15410)

Vulnerabilities and Exploits

Rapid7 MDR Team Discovers New SonicWall SMA1000 Zero Days being Actively Exploited (CVE-2026-15409, CVE-2026-15410)

Rapid7's avatar

Rapid7

Investigating Persistence Mechanisms in AWS

Detection and Response

Investigating Persistence Mechanisms in AWS

Jan Blažek's avatar

Jan Blažek

Patch Tuesday - July 2026

Exposure Management

Patch Tuesday - July 2026

Adam Barnett's avatar

Adam Barnett

CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED)

Vulnerabilities and Exploits

CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED)

Stephen Fewer's avatar

Stephen Fewer

Rapid7 and Mindshare Partner to Accelerate Cyber Resilience Across the Middle East

Culture

Rapid7 and Mindshare Partner to Accelerate Cyber Resilience Across the Middle East

Gopan Sivasankaran's avatar

Gopan Sivasankaran

Weekly Metasploit Update: Exploits for FlowiseAI CSV Agent and MacOS Package Kit

Products and Tools

Weekly Metasploit Update: Exploits for FlowiseAI CSV Agent and MacOS Package Kit

Jack Heysel's avatar

Jack Heysel

Security Teams Are Ready To Become More Preemptive. What’s Holding Them Back?

Detection and Response

Security Teams Are Ready To Become More Preemptive. What’s Holding Them Back?

Emma Burdett's avatar

Emma Burdett

A Day With Your Vector Command Red Team Pod

Security Operations

A Day With Your Vector Command Red Team Pod

Trevor Christiansen's avatar

Trevor Christiansen

Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more

Products and Tools

Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more

Jack Heysel's avatar

Jack Heysel

Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecture

Security Operations

Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecture

Jacob Steadman's avatar

Jacob Steadman

5 Myths About AI in the SOC Security Teams Need to Rethink

Artificial Intelligence

5 Myths About AI in the SOC Security Teams Need to Rethink

Emma Burdett's avatar

Emma Burdett

Modernizing Global Vulnerability Standards For The Age Of AI

Artificial Intelligence

Modernizing Global Vulnerability Standards For The Age Of AI

Sabeen Malik's avatar

Sabeen Malik

Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more

Products and Tools

Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more

Simon Janusz's avatar

Simon Janusz

Experts on Experts: Why AI and Compliance Are Forcing A New Security Operating Model

Industry Trends

Experts on Experts: Why AI and Compliance Are Forcing A New Security Operating Model

Corey Thomas's avatar

Corey Thomas

Why SIEM is Moving Toward Unified Security Operations: Rapid7 Named a Major Player in IDC MarketScape

Detection and Response

Why SIEM is Moving Toward Unified Security Operations: Rapid7 Named a Major Player in IDC MarketScape

Rapid7's avatar

Rapid7

Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

Products and Tools

Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

Alan David Foster's avatar

Alan David Foster

Why Security Teams Need To Start Earlier

Industry Trends

Why Security Teams Need To Start Earlier

Tom Caiazza's avatar

Tom Caiazza

Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chain

Threat Research

Malware à la Mode: Tracking Dropping Elephant Tradecraft Through a China-Themed Loader Chain

Anna Širokova's avatar

Anna Širokova

NIS2 is raising the bar. Here’s how to turn readiness into resilience.

Security Operations

NIS2 is raising the bar. Here’s how to turn readiness into resilience.

Sabeen Malik's avatar

Sabeen Malik

Does Your Security Programme Align With NIS2 Requirements?

Security Operations

Does Your Security Programme Align With NIS2 Requirements?

Sabeen Malik's avatar

Sabeen Malik