Rapid7
@rapid7.com
Rapid7 can help you command your attack surface, smash silos, stay steps ahead of attackers, and take breaches from “inevitable” to preventable. Rapid7 technology, services, and research give organizations around the world control.

🔗: rapid7.com
🗓️ A new meeting invite on your calendar, or a new attack vector?

Because calendar files (.ics) often bypass traditional email & attachment defenses, they offer attackers a low-friction path into corporate environments. More in a new blog from Rapid7 Labs: r-7.co/3Jwc9wx
November 6, 2025 at 6:50 PM
Reposted by Rapid7
Delighted to share that Vulnerability Intelligence is now incorporated within our @rapid7.com - sharing contextual indicators including which CVEs are actively exploited, by whom, and what impact they have.

More details available within our announcement: www.rapid7.com/blog/post/pt... #infosec
Defend Smarter, Not Harder, with Rapid7: The Power of Curated Vulnerability Intelligence
Rapid7 delivers actionable intelligence through Intelligence Hub; identifying the vulnerabilities that actually matter, rather than relying on generic security ratings – or trying to decipher whether ...
October 30, 2025 at 10:40 AM
#SaltTyphoon, a Chinese espionage APT group linked to the Ministry of State Security (MSS), has spent years infiltrating global telecommunications & government networks.

Find a free download of our pubsec-focused Salt Typhoon report here: r-7.co/47tz4QT
Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know
Salt Typhoon’s long-term infiltration strategy is a reminder that modern cyber defense is as much about proactive endurance as innovation. More from Rapid7 Labs in a new research blog.
October 30, 2025 at 6:12 PM
Reposted by Rapid7
As Pwn2Own Ireland 2025 draws to a close, a huge thank you to @thezdi.bsky.social for putting on another great contest! I reflected on why @rapid7.com has taken part at #Pwn2Own over the last two years, and our successes so far in the world of competitive zero day exploit development r-7.co/4o6RM85
Rapid7 at Pwn2Own: Raising the Bar in Vuln Intel
As the 2025 edition of Pwn2Own Ireland draws to a close, we are taking a beat to reflect on Rapid7’s participation & achievements in the world of competitive zero day exploit development.
October 24, 2025 at 4:51 PM
Tomorrow’s threats don’t wait. Neither should your defenses.

This Cybersecurity Awareness Month, explore Rapid7’s collection of expert insights, case studies, and research to help you anticipate attacks and strengthen your defenses.

👉 Dive in here: https://r-7.co/3LmjwqG
October 22, 2025 at 11:27 PM
🚨 On 10/15/25, #F5Networks disclosed a breach attributed to a sophisticated nation-state actor – confirming unauthorized access to select internal systems that dates back to August 2025.

Read on for Rapid7 Labs' analysis & actionable next steps: r-7.co/46VivhN
Inside the F5 Breach: What We Know and Recommended Actions
Rapid7 Labs reports & advises on a breach that F5 Networks recently disclosed – attributed to a sophisticated nation-state actor.
October 16, 2025 at 6:30 PM
Microsoft’s October Patch Tuesday fixes 172 vulnerabilities, including 6 zero-days and 5 critical RCEs.

Microsoft reports exploitation in the wild for 3 zero-days and public disclosure for another 3. Only 1 critical RCE is considered likely to be exploited.

Full analysis: https://r-7.co/4oEU4vh
October 14, 2025 at 10:52 PM
👾 Get to know Russian Market, the underground hub where info-stealing malware logs & stolen user credentials are traded daily.

Dive into key vendors, malware variants & more via our latest research blog: r-7.co/4hdurir
October 14, 2025 at 3:27 PM
🚨 Rapid7 has observed increased activity involving a new threat group and #AWS cloud environments.

Self-referred to as ‘Crimson Collective’, the group has claimed responsibility for the recent theft of private repositories from the #RedHat GitLab. More: r-7.co/48ltfqS
October 7, 2025 at 7:48 PM
⚠️ The auto industry, retail, & the public sector have one thing in common: each was impacted by cyberattacks in some new (and costly) way in 2025.

October is Cybersecurity Awareness Month, and it's high time for orgs everywhere to 'be ready.' Read on ⤵️
What Recent Cyber Attacks Reveal About Readiness in 2025
Retail, automotive, public sector, transport, and legal services have all been impacted in new and costly ways - exposing organizations not just to downtime and data loss, but to a more systemic risk:...
October 6, 2025 at 7:42 PM
On 10/4/25, #Oracle published an advisory & patch for CVE-2025-61882 – an RCE vuln affecting the Oracle Concurrent Processing product within E-Business Suite (EBS).

Claims of exploitation in-the-wild at the hands of #Cl0p are supported. More in our blog: r-7.co/46VXYbM
Critical 0day in Oracle E-Business Suite exploited in-the-wild
A new vulnerability, CVE-2025-61882, affecting Oracle E-Business Suite has been exploited in-the-wild by the Cl0p ransomware gang.
October 6, 2025 at 1:24 PM
“At the end of the day, it’s about peace of mind. Customers trust us to watch their backs so they can focus on running their business.” 🛡️

In our SOC, that’s the mission.
October 3, 2025 at 3:45 PM
🚨 The Rapid7 MDR team has observed a significant rise in the number of threat actors leveraging Direct Send, a lesser-known feature within #Microsoft365.

Find our mitigation advice & more in a new blog: r-7.co/3VMtAeH
October 2, 2025 at 3:41 PM
Automated security scanners are often stopped in their tracks by MFA. This is great for security, but poses a challenge for scanning.

Luckily, Rapid7's InsightAppSec makes it easy to handle Time-based One-Time Passwords (TOTP). Find a guide in our blog: http://r-7.co/46DTiXV
October 1, 2025 at 4:26 PM
Threat actors are exploiting CVE-2025-53770, a critical Microsoft #SharePoint vulnerability, to gain initial access to victim networks – notably across the public sector.

Find actionable next steps & a free download of Rapid7's September Threat Report in our latest blog: r-7.co/3VILFu7
Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know
Rapid7's September 2025 Threat Report highlights active exploitation of a critical Microsoft SharePoint vulnerability, CVE-2025-53770 – used by threat actors to gain initial access to government syste...
September 30, 2025 at 2:47 PM
🚨 On September 25, 2025, #Cisco published advisories for 3 vulnerabilities affecting multiple different Cisco products.

CVE-2025-20333 & CVE-2025-20362 are known to be exploited in the wild, while the third, CVE-2025-20363, is at high risk thereof.

More in our blog: r-7.co/4pLZs0Y
Multiple critical vulnerabilities affecting Cisco products | CVE-2025-20333, CVE-2025-20362, CVE-2025-20363
On September 25, 2025, Cisco published advisories for 3 notable vulnerabilities affecting many different products. 2 are known to be exploited in the wild, while the third is at high risk for exploita...
September 25, 2025 at 9:30 PM
Reposted by Rapid7
We have published our AttackerKB @rapid7.com Analysis for the recent GoAnywhere MFT vuln, CVE-2025-10035. It's an access control bypass + unsafe deserialization + an as-yet unknown issue in how an attacker can know a specific private key! attackerkb.com/topics/LbA9A...
CVE-2025-10035 | AttackerKB
On September 18, 2025, Fortra published a security advisory for a new vulnerability affecting their managed file transfer product, GoAnywhere MFT. The new vuln…
September 24, 2025 at 1:33 PM
Most SIEMs collect data. Incident Command helps you act on it.

AI-powered workflows give analysts speed and clarity, while leaders see progress they can measure. Faster investigations, smarter response, real outcomes.

🔗 https://r-7.co/4n01JUs
September 23, 2025 at 5:20 PM
⚠️ Rapid7 has identified a permission bypass vuln. in multiple versions of #OnePlus OxygenOS installed on its Android smartphones.

When leveraged, any app on the device may read SMS/MMS data & metadata via the default Telephony provider. More in our blog: r-7.co/42EujlR
September 23, 2025 at 12:58 PM
Analysts shouldn’t have to carry the weight of 4,400 alerts a day.

Incident Command flips the model: AI trained by Rapid7’s SOC drives accurate triage, guided investigations, and a unified workflow that actually accelerates analysts.

🔗 https://r-7.co/4mui03e
September 19, 2025 at 8:24 PM
🚨 On 9/18/2025, #Fortra published an advisory for CVE-2025-10035, a new vulnerability affecting GoAnywhere MFT.

The vulnerability allows an attacker to achieve unauthenticated remote code execution. More details & mitigation guidance in a new blog: https://r-7.co/4mAaweQ
September 19, 2025 at 5:30 PM
Casinos rely on eyes in the sky to see every table and every move.

Rapid7 gives you that same clarity across your environment—endpoint to cloud, users to attackers—with the context to act.

Watch the full interview for more insights: https://r-7.co/45Rshje
September 18, 2025 at 7:08 PM
🚨 Yesterday, September 17, 2025, #SonicWall disclosed a security breach affecting customers with MySonicWall[.]com cloud backups enabled.

Rapid7 has updated its September 10 blog with the latest guidance: r-7.co/46hbAOu
Akira Ransomware Group Utilizing SonicWall Devices for Initial Access
The Rapid7 MDR team is continually monitoring our customers’ environments for post-exploitation activity using the latest threat detections. Customers leveraging Rapid7’s Intelligence Hub can track th...
September 18, 2025 at 3:10 PM
You may be outnumbered, but with Rapid7 MDR, you're never outmatched.

Rapid7 MDR delivers expert-led, attacker-aware detection and response across every corner of your environment.

Discover the Rapid7 MDR difference: https://r-7.co/3Ibgi8r
September 16, 2025 at 5:10 PM
September #PatchTuesday: 176 fixes, five critical RCEs, and multiple zero-days. Key priorities include SQL Server (CVE-2024-21907), Azure HPC (CVE-2025-55232), and SMB server (CVE-2025-55234).

Full analysis 👉 https://r-7.co/4m9MBm1
September 12, 2025 at 8:18 PM