Rapid7 Cybersecurity Blog & Latest Vulnerability News

Cloud and Devops Security

Building the Future of Cloud Security: Rapid7 Recognized as a Contender in Cloud Native Application Protection, Q1 2026

Rapid7

Products and Tools

Metasploit Wrap-Up 02/13/2026

Christopher Granleese

Threat Research

Carding-as-a-Service: The Underground Market of Stolen Cards

Alexandra Blia, Maor Weinberger +1

Exposure Management

Patch Tuesday - February 2026

Adam Barnett

Threat Research

Measuring AI Security: Separating Signal from Panic

Christiaan Beek

Vulnerabilities and Exploits

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Rapid7

Vulnerabilities and Exploits

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Rapid7

Products and Tools

Metasploit Wrap-Up 02/06/2026

Christopher Granleese

Threat Research

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Rapid7

Culture

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

Rapid7

Industry Trends

ICYMI: Experts on Experts – Season One Roundup

Emma Burdett

Threat Research

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Ivan Feigl

Products and Tools

Metasploit Wrap-Up 01/30/2026

Spencer McIntyre

Vulnerabilities and Exploits

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Rapid7

Vulnerabilities and Exploits

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Adam Barnett

Vulnerabilities and Exploits

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Rapid7

Detection and Response

Threat Actors Using AWS WorkMail in Phishing Campaigns

Jan Blažek, Calvin House

Exposure Management

The End of the Road for Cisco Kenna: Take a Measured Path into Exposure Management

Michael Chroney

Products and Tools

Metasploit Wrap-Up 01/23/2026

Jack Heysel

Industry Trends

From Signals to Strategy: What Security Teams Must Prepare for in 2026

Rapid7

Products and Tools

Rapid7 MDR Integrates Microsoft Defender Signals to Create Tangible Security Outcomes

Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Popular Tags

Building the Future of Cloud Security: Rapid7 Recognized as a Contender in Cloud Native Application Protection, Q1 2026

Metasploit Wrap-Up 02/13/2026

Carding-as-a-Service: The Underground Market of Stolen Cards

Patch Tuesday - February 2026

Measuring AI Security: Separating Signal from Panic

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Metasploit Wrap-Up 02/06/2026

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

ICYMI: Experts on Experts – Season One Roundup

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Metasploit Wrap-Up 01/30/2026

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Threat Actors Using AWS WorkMail in Phishing Campaigns

The End of the Road for Cisco Kenna: Take a Measured Path into Exposure Management

Metasploit Wrap-Up 01/23/2026

From Signals to Strategy: What Security Teams Must Prepare for in 2026

Rapid7 MDR Integrates Microsoft Defender Signals to Create Tangible Security Outcomes

The Rapid7 Blog:Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Categories

Popular Tags

Popular Tags

Building the Future of Cloud Security: Rapid7 Recognized as a Contender in Cloud Native Application Protection, Q1 2026

Metasploit Wrap-Up 02/13/2026

Carding-as-a-Service: The Underground Market of Stolen Cards

Patch Tuesday - February 2026

Measuring AI Security: Separating Signal from Panic

CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

Metasploit Wrap-Up 02/06/2026

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact

ICYMI: Experts on Experts – Season One Roundup

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Metasploit Wrap-Up 01/30/2026

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Threat Actors Using AWS WorkMail in Phishing Campaigns

The End of the Road for Cisco Kenna: Take a Measured Path into Exposure Management

Metasploit Wrap-Up 01/23/2026

From Signals to Strategy: What Security Teams Must Prepare for in 2026

Rapid7 MDR Integrates Microsoft Defender Signals to Create Tangible Security Outcomes

The Rapid7 Blog:
Your Signal in the Security Noise