Back to Blog

Posts tagged Emergent Threat Response

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Vulnerabilities and Exploits

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Rapid7's avatar

Rapid7

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Vulnerabilities and Exploits

Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

Rapid7's avatar

Rapid7

Ni8mare and N8scape flaws among multiple critical vulnerabilities affecting n8n

Vulnerabilities and Exploits

Ni8mare and N8scape flaws among multiple critical vulnerabilities affecting n8n

Rapid7's avatar

Rapid7

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Vulnerabilities and Exploits

MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data

Rapid7's avatar

Rapid7

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Vulnerabilities and Exploits

CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Rapid7's avatar

Rapid7

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Vulnerabilities and Exploits

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719, CVE-2026-24858 exploited in the wild

Rapid7's avatar

Rapid7

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

Vulnerabilities and Exploits

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

Rapid7's avatar

Rapid7

CVE-2025-64446: Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild

Vulnerabilities and Exploits

CVE-2025-64446: Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild

Rapid7's avatar

Rapid7

CVE-2025-61882: Critical 0day in Oracle E-Business Suite exploited in-the-wild

Vulnerabilities and Exploits

CVE-2025-61882: Critical 0day in Oracle E-Business Suite exploited in-the-wild

Stephen Fewer's avatar
Christiaan Beek's avatar

Stephen Fewer, Christiaan Beek

Microsoft 365 Direct Send Abuse

Detection and Response

Microsoft 365 Direct Send Abuse

Rapid7's avatar

Rapid7

CVE-2025-20333, CVE-2025-20362, CVE-2025-20363 - Multiple critical vulnerabilities affecting Cisco products

Vulnerabilities and Exploits

CVE-2025-20333, CVE-2025-20362, CVE-2025-20363 - Multiple critical vulnerabilities affecting Cisco products

Ryan Emmons's avatar

Ryan Emmons

CVE-2025-10035 - Critical unauthenticated RCE in GoAnywhere MFT

Vulnerabilities and Exploits

CVE-2025-10035 - Critical unauthenticated RCE in GoAnywhere MFT

Stephen Fewer's avatar

Stephen Fewer

Akira Ransomware Group Utilizing SonicWall Devices for Initial Access

Detection and Response

Akira Ransomware Group Utilizing SonicWall Devices for Initial Access

Rapid7's avatar

Rapid7

CVE-2025-7775: Critical NetScaler vulnerability exploited in-the-wild

Vulnerabilities and Exploits

CVE-2025-7775: Critical NetScaler vulnerability exploited in-the-wild

Stephen Fewer's avatar

Stephen Fewer

CVE-2025-53770 - Zero-day exploitation in the wild of Microsoft SharePoint servers

Vulnerabilities and Exploits

CVE-2025-53770 - Zero-day exploitation in the wild of Microsoft SharePoint servers

Rapid7's avatar

Rapid7

CVE-2025-54309: CrushFTP Zero-Day Exploited in the Wild

Vulnerabilities and Exploits

CVE-2025-54309: CrushFTP Zero-Day Exploited in the Wild

Ryan Emmons's avatar

Ryan Emmons

Critical Veeam Backup & Replication CVE-2025-23121

Vulnerabilities and Exploits

Critical Veeam Backup & Replication CVE-2025-23121

Rapid7's avatar

Rapid7

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Vulnerabilities and Exploits

CVE-2025-6543: Zero Day Exploitation of NetScaler ADC and NetScaler Gateway

Stephen Fewer's avatar

Stephen Fewer

Ivanti Endpoint Manager Mobile exploit chain exploited in the wild

Products and Tools

Ivanti Endpoint Manager Mobile exploit chain exploited in the wild

Ryan Emmons's avatar

Ryan Emmons

CVE-2025-32756 Exploited in the Wild, Affecting Multiple Fortinet Products

Products and Tools

CVE-2025-32756 Exploited in the Wild, Affecting Multiple Fortinet Products

Stephen Fewer's avatar

Stephen Fewer

Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324

Exposure Management

Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324

Caitlin Condon's avatar

Caitlin Condon