Metasploit Wrap Up 05/22/2026
Another week, another authentication bypass Our humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic d...
Rapid7 Blog
20 articles
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement
The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizatio...
Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes
Modern attack surfaces don’t sit still. Cloud expansion, SaaS sprawl, identity complexity, and shadow IT are continuously reshaping organizational risk.
Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders
Security teams are working in an environment where speed, scale, and complexity are all increasing at the same time. Across the Rapid7 2026 Global Cybersecur...
Metasploit Wrap-Up 05/15/2026
Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanis...
CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS
Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0265, a signature verification vulnerability that facilitates authent...
CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new auth...
The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers
Imagine you build a massive corporate campus with every security control money can buy. Blast resistant doors.
When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
Overview Attackers do not need to break into the front door when they can convince employees to open it for them through the tools they already trust. In Apr...
Rapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services Certifications
At Rapid7, our commitment to our partners is built on the foundation of the PACT (Partnering with Accountability, Consistency, and Transparency) program. Cen...
Patch Tuesday - May 2026
Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of the...
How Rapid7 is bringing Cyber GRC closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
What is Cyber GRC? How Rapid7 is bringing compliance closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
Metasploit Wrap-Up 05/08/2026
Spring cleanup This week’s Metasploit updates focused on foundational improvements and expanded target reach. Key enhancements were made to the recently rele...
Zero Chaos: Scaling Detection Engineering at the Speed of Software, with Detection As Code
Every engineering team in your organization ships code through a pipeline. They branch, test, review, and deploy.
Rapid7 and OpenAI: Helping Defenders Move at Machine Speed
Wade Woolwine is Senior Director, Product Security at Rapid7. Announcing OpenAI's Trusted Access for Cyber program CIOs and CISOs are telling us the same thi...
Why Security in 2026 Requires Continuous Threat and Exposure Management (CTEM) at Scale
Let's be honest, the patching window just shrank to something no practitioner or organization can keep up with. Organizations now need to operate in an envir...
Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)
Overview On May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecti...
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
Executive summary In early 2026, a sophisticated intrusion initially appearing to be a standard Chaos ransomware attack was assessed to be consistent with a ...
Metasploit Wrap-Up 05/01/2026
MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Met...