Rapid7
20 articles
Cybersecurity M&A Roundup: 38 Deals Announced in March 2026
Significant cybersecurity M&A deals announced by Airbus, Cellebrite, Databricks, Quantum eMotion, Rapid7, and OpenAI. The post Cybersecurity M&A Roundup: 38 ...
New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay
Executive Overview Advanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static in...
New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay
Executive Overview Advanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static in...
What CISOs Should Expect from AI Powered MDR in 2026, According to Rapid7 CEO Corey Thomas
In the latest episode of Rapid7’s Experts on Experts, I’m joined by Rapid7 CEO Corey Thomas for a candid conversation about where AI is genuinely changing se...
Initial Access Brokers have Shifted to High-Value Targets and Premium Pricing
Initial Access Brokers (IABs) are a key component of the cybercrime ecosystem, offering hassle-free building blocks for ransomware, data theft, and extortion...
Metasploit Wrap-Up 03/27/2026
Better NTLM Relaying Functionality This week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with m...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked thre...
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
A China-nexus threat actor known as Red Menshen is planting stealthy backdoors deep inside global telecommunications networks. According to a recent investig...
Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them identify...
BPFdoor in Telecom Networks: Sleeper Cells in the backbone
Executive overview The strategic positioning of covert access within the world’s telecommunication networks A months-long investigation by Rapid7 Labs has un...
From Vectors to Verdicts: Web App Testing with Vector Command
If it’s online, it’s a target Web applications are no longer just business enablers, they’re often the front door to an organization. They can often generate...
New Whitepaper: Exploiting Cellular-based IoT Devices
Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7...
Metasploit Wrap-Up 03/20/2026
♫ I Just Called ♫ To Say ♫ 7f45 4c46 0201 0100 0000 0000 0000 0000 0300 3e00 0100♫ This release contains 2 new exploit modules, 2 enhancements, and 7 bug fix...
CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)
Overview Rapid7 Labs recently identified a chain of security vulnerabilities in the Gainsight Assist plugin and its interactions with the associated domain a...
Preemptive and Proactive: An enhanced CNAPP available with Exposure Command
Earlier this year, we made a significant announcement: Rapid7 partnered with ARMO to add AI-powered cloud application detection and response (CADR) – or clou...
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
Rapid7 says median time from publication to CISA KEV inclusion dropped to five days
The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report
The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk.
PACT 2026: A Stronger, Simpler, More Profitable Path for Rapid7 Partners
The cybersecurity channel is evolving fast. Buying behaviors are shifting and customers are rethinking how they evaluate solutions.
Metasploit Wrap-Up 03/13/2026
No bad luck here: Friday the 13th brings new modules and a Metasploit Pro milestone This week’s Metasploit Framework release delivers three new modules acros...