You Don’t Have a Security Problem, You Have a Visibility Problem
What you’ll learn in this articleThis article explains why many breaches are driven by gaps in visibility rather than advanced exploits, how attackers move...
New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay
Executive OverviewAdvanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static indicators of compromise (IoCs) for...
What CISOs Should Expect from AI Powered MDR in 2026, According to Rapid7 CEO...
In the latest episode of Rapid7’s Experts on Experts, I’m joined by Rapid7 CEO Corey Thomas for a candid conversation about where AI is...
Initial Access Brokers have Shifted to High-Value Targets and Premium Pricing
Initial Access Brokers (IABs) are a key component of the cybercrime ecosystem, offering hassle-free building blocks for ransomware, data theft, and extortion. Rapid7’s analysis...
Red Teaming in 2026: What to Expect at our 2026 Global Cybersecurity Summit
Red teaming has always played a role in testing defenses, but in 2026 its role is changing. Security teams are no longer asking whether...
Metasploit Wrap-Up 03/27/2026
Better NTLM Relaying FunctionalityThis week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with...
Why CVSS is No Longer Enough for Exposure Management
For years, cybersecurity professionals have relied on a familiar metric to dictate their day-to-day priorities: the Common Vulnerability Scoring System (CVSS). In today’s hyper-connected,...
BPFdoor in Telecom Networks: Sleeper Cells in the Backbone
Executive overviewThe strategic positioning of covert access within the world’s telecommunication networksA months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus...
New Whitepaper: Exploiting Cellular-based IoT Devices
Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7, and Carlota...
CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read
OverviewOn March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly...
Latest article
Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk
Apple’s 2026 security year includes zero-days, iPhone exploit kits, WebKit fixes, and background patches that users and IT teams need to track.
The post Apple’s...
New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS
A new class of indirect prompt injection (IPI) attacks targets Google Gemini’s voice assistant, allowing attackers to silently hijack the AI through malicious payloads...
A Day in the Life of an MDR Analyst: Inside the Modern SOC
What actually happens inside a SOC when an incident unfolds? Most teams see the alerts and the outcomes, but the decision-making in between is...
Infosecurity Europe: Vulnerability Management Innovator Konvu Wins Cyber Startup Award
Inaugural Infosecurity Europe Cyber Startup Award Winner Impresses Panel with Ability Help Prioritize Vulnerabilities in AI era - Read more
