Posts tagged Research

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Vulnerabilities and Exploits

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Calum Hutton

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Vulnerabilities and Exploits

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Deral Heiland

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Threat Research

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Christiaan Beek

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Threat Research

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Rapid7 Labs

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Vulnerabilities and Exploits

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Brandon Fisher

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Vulnerabilities and Exploits

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Stephen Fewer

Rapid7 Q1 2025 Incident Response Findings

Detection and Response

Rapid7 Q1 2025 Incident Response Findings

Chris Boyd

CVE-2025-48045, CVE-2025-48046, CVE-2025-48047: MICI NetFax Server Product Vulnerabilities (NOT FIXED)

Vulnerabilities and Exploits

CVE-2025-48045, CVE-2025-48046, CVE-2025-48047: MICI NetFax Server Product Vulnerabilities (NOT FIXED)

Anna Katarina Quinn

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Vulnerabilities and Exploits

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Anna Širokova, Ivan Feigl

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Threat Research

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Ryan Emmons

2025 Ransomware: Business as Usual, Business is Booming

Detection and Response

2025 Ransomware: Business as Usual, Business is Booming

Chris Boyd

A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware

Detection and Response

A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware

Rapid7

Fake BianLian Ransomware Letters in Circulation

Detection and Response

Fake BianLian Ransomware Letters in Circulation

Chris Boyd

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

Threat Research

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

Stephen Fewer

How To Protect Your Organization's Bluesky Account From Security Threats

Threat Research

How To Protect Your Organization's Bluesky Account From Security Threats

Chris Boyd

The 2024 Ransomware Landscape: Looking back on another painful year

Threat Research

The 2024 Ransomware Landscape: Looking back on another painful year

Christiaan Beek

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Threat Research

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Chris Boyd

New Research: Enhancing Botnet Detection with AI using LLMs and Similarity Search

Security Operations

New Research: Enhancing Botnet Detection with AI using LLMs and Similarity Search

Tom Caiazza

Out With the Old, In With the New: Securely Disposing of Smart Devices

Threat Research

Out With the Old, In With the New: Securely Disposing of Smart Devices

Deral Heiland

2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends

Exposure Management

2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends

Rapid7 Labs

New “CleverSoar” Installer Targets Chinese and Vietnamese Users

Vulnerabilities and Exploits

New “CleverSoar” Installer Targets Chinese and Vietnamese Users

Natalie Zargarov