Metasploit Wrap-Up 04/03/2026
Additional Adapters and More ModulesThis week, we added a whole new bunch of HTTP/HTTPS-based CMD payloads for X64 and X86 versions of Windows. The...
You Don’t Have a Security Problem, You Have a Visibility Problem
What you’ll learn in this articleThis article explains why many breaches are driven by gaps in visibility rather than advanced exploits, how attackers move...
New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay
Executive OverviewAdvanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static indicators of compromise (IoCs) for...
What CISOs Should Expect from AI Powered MDR in 2026, According to Rapid7 CEO...
In the latest episode of Rapid7’s Experts on Experts, I’m joined by Rapid7 CEO Corey Thomas for a candid conversation about where AI is...
Initial Access Brokers have Shifted to High-Value Targets and Premium Pricing
Initial Access Brokers (IABs) are a key component of the cybercrime ecosystem, offering hassle-free building blocks for ransomware, data theft, and extortion. Rapid7’s analysis...
Red Teaming in 2026: What to Expect at our 2026 Global Cybersecurity Summit
Red teaming has always played a role in testing defenses, but in 2026 its role is changing. Security teams are no longer asking whether...
Metasploit Wrap-Up 03/27/2026
Better NTLM Relaying FunctionalityThis week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with...
Why CVSS is No Longer Enough for Exposure Management
For years, cybersecurity professionals have relied on a familiar metric to dictate their day-to-day priorities: the Common Vulnerability Scoring System (CVSS). In today’s hyper-connected,...
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone
Executive overviewThe strategic positioning of covert access within the world’s telecommunication networksA months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus...
New Whitepaper: Exploiting Cellular-based IoT Devices
Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7, and Carlota...
Latest article
Amazon Cognito unlocks advanced capabilities with next-generation infrastructure
Amazon Cognito recently introduced high-throughput performance for demanding workloads, customer-managed keys for full control over data encryption at rest, and multi- Region replication for...
Gartner SRM 2026 Signals a Cybersecurity Shift From Prevention to Resilience
Gartner SRM 2026 put resilience, identity, and AI agent governance at the center of cybersecurity strategy as prevention loses ground.
The post Gartner SRM 2026...
Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts - Read more
CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network. - Read more
