2025 Ransomware: Business as Usual, Business is Booming

Getting an edge on your adversaries involves understanding their behaviors and their mindset. Rapid7 Labs took a look at internal and publicly-available ransomware data for Q1 2025 and added our own insights to provide a picture of the year thus far—and what you can do now to reduce your attack...

gimp: dds buffer overflow RCE

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process...

How SSL Misconfigurations Impact Your Attack Surface

When assessing an organization's external attack surface, encryption-related issues especially SSL misconfigurations receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights...

Desktop VDA installation on Surface Pro with ARM64

VDA installation and setup on Surface Pro device with ARM64 Processor...

The vulnerability of Microsoft Surface sensor display microprogramming software, related to insufficient validation of input data, allows a hacker to bypass security functions.

The vulnerability of Microsoft Surface sensor display software is related to insufficient testing of input data. Exploiting this vulnerability could allow a remote attacker to bypass security measures...

Seeing The Whole Picture: A Better Way To Manage Your Attack Surface

Do you trust your view of your organization’s risk? With cloud adoption, remote work, shadow IT, and AI, security teams face an overwhelming challenge: scoping their attack surface and continuously discovering all assets and exposures before threats emerge. This aligns with the critical first ste...

kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...

Linux Distros Unpatched Vulnerability : CVE-2023-52648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required...

Linux Distros Unpatched Vulnerability : CVE-2024-32473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. I...

The vulnerability of the pfifo_tail_enqueue() function (net/sched/sch_fifo.c) in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pfifotailenqueue function net/sched/schfifo.c in the Linux operating system is related to a discrepancy in functionality according to the specification. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility o...

Independent Analyst Firm: Qualys Recognized as a Leader in Attack Surface Management

As the modern attack surface continues to grow in complexity, the need for simplified asset discovery and risk assessment has never been more acute. In 2021, Qualys introduced CyberSecurity Asset Management CSAM, a visionary ASM offering designed to bolster the customer’s coverage of the attack...

Why MDR In 2025 Is About Scaling With Purpose

Forrester recently released “The Forrester Wave™: Managed Detection and Response MDR Services, Q1 2025,", highlighting the top 10 MDR providers out of more than 600 worldwide. While we’re honored to be recognized in such a competitive market, Rapid7’s designation underscores a fundamental...

Command Platform Innovations Eliminate Data Blind Spots Through Complete Visibility and Context-Driven Risk Prioritization

Rapid7 provides unmatched attack surface visibility through the Command Platform, helping security teams identify, prioritize, and remediate risk across hybrid environments. Surface Command is the only solution available that combines native external and internal scanning into a single unified vi...

Exploit for CVE-2025-26794

CVE-2025-26794: Blind SQL injection in Exim 4.98 SQLite DBM...

CISO's Expert Guide To CTEM And Why It Matters

Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management CTEM is the smart approach for proactive cybersecurity. This concise report makes a clear business case for why CTEM's comprehensive approach is the best...

CVE-2025-21194

Microsoft Surface Security Feature Bypass Vulnerability...

CVE-2025-21194

Microsoft Surface Security Feature Bypass Vulnerability...

CVE-2025-21194 Microsoft Surface Security Feature Bypass Vulnerability

...

CVE-2025-21194 Microsoft Surface Security Feature Bypass Vulnerability

...

CVE-2025-21194

CVE-2025-21194 is a Microsoft Surface Security Feature Bypass vulnerability affecting Surface devices. The connected Rapid7 Patch Tuesday coverage describes exploitation as a potential container escape from a UEFI host, leading to hypervisor compromise. Updates are delivered via Windows Update ac...