1723 matches found

Rapid7 Blog
added 6 days ago | 8 views

Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more

Help shape the future of Metasploit Framework We are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they function/are presented to users. We are currently accepting responses to our feedback form, which means that you can shape the future of...

CVSS: 10 | AI score: 7.3 | EPSS: 0.99621
Exploits: 69

Rapid7 Blog
added 2026/06/19 5:8 p.m. | 6 views

Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

This week's release includes five new modules, including a full unauthenticated RCE chain for Paperclip AI and a VS Code extension persistence technique. On the post-exploitation side, the new windows/local/ntlmrelay2self module coerces the local machine account to authenticate via...

CVSS: 10 | AI score: 6.8 | EPSS: 0.01972
Exploits: 11

Rapid7 Blog
added 2026/06/15 2:44 p.m. | 11 views

Beyond the Score: Using AI to Translate CVEs into Real-World Business Risk

Security leaders rarely struggle to gather data, but they often struggle to turn that data into something clear and meaningful for the business. In a typical week, a CISO might receive a report listing hundreds or even thousands of vulnerabilities, most of them accompanied by CVSS scores that mak...

AI score: 6.1
Exploits: 0

Rapid7 Blog
added 2026/06/13 12:22 a.m. | 15 views

Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules

New Tracing Options As hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on an op or writing a new one, what we can do is make the debugging experience easier. To that end one of our two Google Summer of Code (GSoC) projects is here to...

AI score: 6
Exploits: 0

Rapid7 Blog
added 2026/06/12 1:43 p.m. | 10 views

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urgency of remediatio...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.9233
Exploits: 3

Rapid7 Blog
added 2026/06/11 1:0 p.m. | 27 views

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

Introduction The underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for ful...

AI score: 6.2
Exploits: 0

Rapid7 Blog
added 2026/06/10 10:21 a.m. | 9 views

CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry

Overview On June 9, 2026, Ivanti published a security advisory for two critical vulnerabilities affecting Ivanti Sentry (formerly known as MobileIron Sentry), which per the vendor website is an “in-line gateway that manages, encrypts, and secures traffic between the mobile device and back-end...

CVSS: 10 | AI score: 7.3 | EPSS: 0.98937
Exploits: 5

Rapid7 Blog
added 2026/06/09 9:4 p.m. | 22 views

Patch Tuesday - June 2026

Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to last month’s Patch Tuesday, however several of last month’s vulnerabilities...

CVSS: 8.4 | AI score: 6.2 | EPSS: 0.00814
Exploits: 0

Rapid7 Blog
added 2026/06/08 5:5 p.m. | 10 views

Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)

Overview On June 8, 2026, Check Point published a security advisory for CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN, Mobile Access, and Spark Firewall products. The vulnerability affects deployments configured to use the deprecated IKEv1...

CVSS: 9.3 | AI score: 6.2 | EPSS: 0.71051
Exploits: 5

Rapid7 Blog
added 2026/06/05 5:1 p.m. | 10 views

Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum

When Open Source is a bit too Open Several fun modules landed this week, including an Apache RCE, Windows Kernel pointer collection, and Gogs RCE via naming. Leading off is Gogs' RCE that allows an attacker to execute commands by naming their branch --exec and requesting a rebase. Another useful...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.96666
Exploits: 12

Rapid7 Blog
added 2026/06/01 1:0 p.m. | 27 views

CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)

Overview Rapid7 Labs conducted a zero-day research project against an HP Poly VVX 450 Voice over Internet Protocol (VoIP) phone. This research resulted in the discovery of a critical unauthenticated stack-based buffer overflow vulnerability, CVE-2026-0826. A remote attacker can leverage CVE-2026-08...

CVSS: 9.2 | AI score: 7.1 | EPSS: 0.26468
Exploits: 3

Rapid7 Blog
added 2026/06/01 1:0 p.m. | 26 views

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

One of the more persistent myths in security is that old bug classes become old problems. They don’t. They just show up in different places, under different conditions, and usually at the exact moment we’ve convinced ourselves not to pay attention to them. That’s part of what makes enterprise voi...

CVSS: 9.2 | AI score: 6.3 | EPSS: 0.26468
Exploits: 3

Rapid7 Blog
added 2026/05/29 7:34 p.m. | 18 views

Metasploit Wrap Up 05/29/2026

More Linux LPEs Hark the age of the Linux LPE has arrived. This week’s release follows up on recent work bringing new Linux LPEs to Metasploit users. Copy Fail seemed to have kicked off a trend of similar bugs and hot on its heels is Dirty Frag. Dirty Frag is actually two vulnerabilities in a...

CVSS: 9.8 | AI score: 8 | EPSS: 0.93235
Exploits: 55

Rapid7 Blog
added 2026/05/29 4:49 p.m. | 195 views

Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0257, a medium severity authentication bypass affecting PAN-OS and Prisma Access when a specific configuration is present. Successful exploitation of this vulnerability allows a remote unauthenticated attacker...

CVSS: 9.1 | AI score: 6.2 | EPSS: 0.86678
Exploits: 9

Rapid7 Blog
added 2026/05/28 12:0 p.m. | 108 views

CVE-2026-52806: Authenticated RCE via Argument Injection in Gogs (FIXED as of June 7, 2026)

Overview Rapid7 Labs discovered a critical argument injection (CWE-88) vulnerability in Gogs, a popular open-source self-hosted Git service, tracked as CVE-2026-52806. Rapid7 Labs scores this vulnerability as CVSSv4 9.4 Critical. The vulnerability allows any authenticated user to achieve remote cod...

CVSS: 9.9 | AI score: 6.5 | EPSS: 0.01029
Exploits: 0

Rapid7 Blog
added 2026/05/22 7:10 p.m. | 47 views

Metasploit Wrap Up 05/22/2026

Another week, another authentication bypass Our humble Metasploit weeklyish blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and @jburgess-r7 have discovered and authored the admin/networking/ciscosdwanvhubauthbypass module for CVE-2026-20182, a...

CVSS: 10 | AI score: 8 | EPSS: 0.981
Exploits: 74

Rapid7 Blog
added 2026/05/21 1:0 p.m. | 10 views

Rapid7 Quarterly Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement

The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizations can respond effectively. From escalating geopolitical tensions to increasingly aggressive ransomware operations, the latest quarterly...

AI score: 5.5
Exploits: 0

Rapid7 Blog
added 2026/05/20 12:15 p.m. | 9 views

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Modern attack surfaces don’t sit still. Cloud expansion, SaaS sprawl, identity complexity, and shadow IT are continuously reshaping organizational risk. For security leaders, visibility isn’t the challenge anymore, but actually operationalizing that visibility is. Surface Command was built to uni...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/05/15 6:54 p.m. | 11 views

Metasploit Wrap-Up 05/15/2026

Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanism: Vim plugin persistence. And honestly, calling it "persistence" feels redundant — Vim is already the most persistent thing ever. Somewhere,...

CVSS: 9.8 | AI score: 8 | EPSS: 0.79335
Exploits: 22

Rapid7 Blog
added 2026/05/14 7:15 p.m. | 10 views

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS

Overview On May 13, 2026, Palo Alto Networks published a security advisory for CVE-2026-0265, a signature verification vulnerability that facilitates authentication bypass on PAN-OS, the operating system that most Palo Alto Networks firewalls run. This vulnerability allows a remote unauthenticate...

CVSS: 9.2 | AI score: 5.8 | EPSS: 0.0044
Exploits: 3

Rapid7 Blog
added 2026/05/14 4:0 p.m. | 13 views

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (formerly known as vSmart), CVE-2026-20182. This new authentication...

CVSS: 10 | AI score: 6.6 | EPSS: 0.87693
Exploits: 4

Rapid7 Blog
added 2026/05/14 4:0 p.m. | 11 views

The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers

Imagine you build a massive corporate campus with every security control money can buy. Blast resistant doors. Biometric scanners. Guards at every entrance. Maybe something similar to the infamous Death Star. On paper, it looks fantastic. Then, somewhere along the way, somebody decides the...

CVSS: 10 | AI score: 6.1 | EPSS: 0.87693
Exploits: 4

Rapid7 Blog
added 2026/05/13 2:44 p.m. | 11 views

When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise

Overview Attackers do not need to break into the front door when they can convince employees to open it for them through the tools they already trust. In April 2026, Rapid7 investigated an enterprise intrusion that began with a Microsoft Teams message from a fake “IT Support” account and quickly...

AI score: 6.3
Exploits: 0

Rapid7 Blog
added 2026/05/13 12:22 a.m. | 14 views

Patch Tuesday - May 2026

Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the...

CVSS: 9.9 | AI score: 6.6 | EPSS: 0.72253
Exploits: 35

Rapid7 Blog
added 2026/05/08 6:26 p.m. | 9 views

Metasploit Wrap-Up 05/08/2026

Spring cleanup This week’s Metasploit updates focused on foundational improvements and expanded target reach. Key enhancements were made to the recently released Copy Fail exploit module, which now benefits from payload fixes in linux/x64/exec and linux/armle/exec. These changes expand its...

AI score: 5.7 | EPSS: 0.07085
Exploits: 1

Rapid7 Blog
added 2026/05/08 12:37 p.m. | 15 views

Zero Chaos: Scaling Detection Engineering at the Speed of Software, with Detection As Code

Every engineering team in your organization ships code through a pipeline. They branch, test, review, and deploy. If something breaks, they roll back. If someone asks "what changed?", the answer is in the commit history. This isn't heroic discipline to process; it's just how software gets built...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/05/06 1:27 p.m. | 8 views

Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)

Overview On May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecting PAN-OS PA-Series and VM-Series firewall appliances. Prisma Access, Cloud NGFW, and Panorama appliances are not affected by this...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.36157
Exploits: 6

Rapid7 Blog
added 2026/05/01 8:22 p.m. | 9 views

Metasploit Wrap-Up 05/01/2026

MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server (msfmcpd), bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications like Claude, Cursor, or your own custom agents query Metasploit data. Think of it as a middleware...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.96775
Exploits: 228

Rapid7 Blog
added 2026/04/29 8:0 p.m. | 14 views

CVE-2026-41940: cPanel & WHM Authentication Bypass

Overview On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In the cPanel release notes, the bug was described as "an issue with session loading and saving." CVE-2026-41940, the identifier subsequently assigned on...

CVSS: 9.8 | AI score: 6.4 | EPSS: 0.981
Exploits: 64

Rapid7 Blog
added 2026/04/24 8:17 p.m. | 8 views

Metasploit Wrap-Up 04/25/2026

Check Method Visibility Metasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability but instead to determine if the target is vulnerable. Metasploit tries to be very conservative with classifying a target as “vulnerable”...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.33694
Exploits: 19

Rapid7 Blog
added 2026/04/21 2:38 p.m. | 14 views

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure (VMware ESXi) and core Windows file systems. This cross-platform...

AI score: 6.1
Exploits: 0

Rapid7 Blog
added 2026/04/20 4:20 p.m. | 8 views

Project Glasswing and the Next Challenge for Defenders: Turning Faster Discovery into Faster Action

Anthropic’s Project Glasswing has sparked plenty of discussion about what AI might soon do for vulnerability discovery, but the more useful question for most security teams is how to prepare for, and more importantly seize the opportunity of, what comes next. As we wrote in our earlier blog, What...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/04/17 8:35 p.m. | 10 views

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On th...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.05648
Exploits: 6

Rapid7 Blog
added 2026/04/16 7:44 p.m. | 7 views

CVE-2026-33032: Nginx UI Missing MCP Authentication

Overview On March 30, 2026, a security advisory was published for a critical vulnerability affecting Nginx UI. Nginx UI is an open-source web interface to centralize the management of Nginx configurations and SSL certificates. The critical vulnerability, CVE-2026-33032, was reported in early Marc...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.38477
Exploits: 14

Rapid7 Blog
added 2026/04/14 9:48 p.m. | 16 views

Patch Tuesday - April 2026

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.5585
Exploits: 6

Rapid7 Blog
added 2026/04/14 12:31 p.m. | 9 views

Your Cloud Detection Strategy in 2026: What to Expect at the Global Cybersecurity Summit

Cloud environments have changed how security teams detect and respond to threats. Signals come from more places, identities are harder to track, and attacks rarely stay within a single system. For many teams, the challenge is no longer visibility. It is having the risk context to understand what...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/04/10 7:11 p.m. | 8 views

Metasploit Wrap-Up 04/10/2026

Speedup Improvements of MSFVenom & New Modules This week, we have added new modules to Metasploit Framework targeting Cisco Catalyst SD-WAN controllers and osTicket as well as updates and improvements to Windows service-for-user persistence, and LDAP/ADCS-related modules to automatically report...

CVSS: 10 | AI score: 7.6 | EPSS: 0.73125
Exploits: 12

Rapid7 Blog
added 2026/04/03 7:6 p.m. | 8 views

Metasploit Wrap-Up 04/03/2026

Additional Adapters and More Modules This week, we added a whole new bunch of HTTP/HTTPS-based CMD payloads for X64 and X86 versions of Windows. The additional breadth of selectable payloads and delivery techniques allows users new options to tailor the attack workflow for their environment. This...

CVSS: 10 | AI score: 6.6 | EPSS: 0.3114
Exploits: 11

Rapid7 Blog
added 2026/04/02 1:0 p.m. | 8 views

New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay

Executive Overview Advanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static indicators of compromise (IoCs) for the BPFDoor have been widely deployed, forcing threat actors to get creative in their use of this particular...

AI score: 5.9
Exploits: 0

Rapid7 Blog
added 2026/03/27 8:48 p.m. | 7 views

Metasploit Wrap-Up 03/27/2026

Better NTLM Relaying Functionality This week’s release brings an improvement to the SMB NTLM relay server. In the past, its support has been expanded with modules for relaying to HTTP ESC8, MSSQL and LDAP while still receiving connections over the humble SMB service. Prior to this release, clien...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00447
Exploits: 0

Rapid7 Blog
added 2026/03/26 1:0 p.m. | 18 views

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

Executive overview The strategic positioning of covert access within the world’s telecommunication networks A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor, Red Menshen, placing some of the stealthiest digital sleeper cells the team has ev...

AI score: 6.2
Exploits: 0

Rapid7 Blog
added 2026/03/24 8:0 p.m. | 8 views

New Whitepaper: Exploiting Cellular-based IoT Devices

Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7, and Carlota Bindner, lead product security researcher at Thermo Fisher Scientific. The paper examines how attackers with physical access c...

AI score: 5.9
Exploits: 0

Rapid7 Blog
added 2026/03/24 4:4 p.m. | 13 views

Rapid7 Completes BSI C5 Type 2 Examination: Stronger Cloud Security for DACH Organizations

If you're a security leader operating in Germany, Austria, or Switzerland, you already know that compliance isn't a checkbox. It's a competitive differentiator. Rapid7 has completed BSI C5 Type 2 attestation for the Rapid7 Command Platform, including Threat Command, and it's a milestone worth...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/03/23 7:30 p.m. | 13 views

CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read

Overview On March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products. This vulnerability, CVE-2026-3055, which is classified as an out-of-bounds read and holds a CVSS...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.83996
Exploits: 7

Rapid7 Blog
added 2026/03/20 8:3 p.m. | 13 views

Metasploit Wrap-Up 03/20/2026

♫ I Just Called ♫ To Say ♫ 7f45 4c46 0201 0100 0000 0000 0000 0000 0300 3e00 0100♫ This release contains 2 new exploit modules, 2 enhancements, and 7 bug fixes. Community contributor Chocapikk submitted both exploit modules this release: one targeting AVideo-Encoder’s getImage.php file and anothe...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.84417
Exploits: 6

Rapid7 Blog
added 2026/03/20 3:18 p.m. | 8 views

Negotiating with the Board: Translating Active Risk into Financial Exposure

Security leaders rarely struggle to produce data. The challenge is turning that data into something the board can use to make decisions. Walk into a board meeting with a slide showing 1,200 critical vulnerabilities and 44 internet-facing assets, and you will likely see polite acknowledgment rathe...

AI score: 5.8
Exploits: 0

Rapid7 Blog
added 2026/03/20 1:0 p.m. | 7 views

CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)

Overview Rapid7 Labs recently identified a chain of security vulnerabilities in the Gainsight Assist plugin and its interactions with the associated domain app.gainsight.com. These vulnerabilities include an Information Disclosure flaw (CVE-2026-31381) and a Reflected Cross-Site Scripting (XSS)...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00303
Exploits: 1

Rapid7 Blog
added 2026/03/18 1:0 p.m. | 10 views

The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report

The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...

AI score: 6.1
Exploits: 0

Rapid7 Blog
added 2026/03/13 7:6 p.m. | 13 views

Metasploit Wrap-Up 03/13/2026

No bad luck here: Friday the 13th brings new modules and a Metasploit Pro milestone This week’s Metasploit Framework release delivers three new modules across reconnaissance, evasion, and exploitation: LeakIX-powered discovery for exposed services and leaked data, a Linux x64 RC4 payload packer f...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.05126
Exploits: 5

Rapid7 Blog
added 2026/03/12 1:0 p.m. | 11 views

The Face of Penetration Testing is Changing: Announcing Metasploit Pro 5.0.0

The role and demand for red-teaming capabilities are growing, as more exploitable CVEs make their way into criminal hands. Being proactive is no longer a capability that can be reserved for annual tests, but a continuous assessment to determine exposure and even through the validation of an...

AI score: 5.7
Exploits: 0

Total number of security vulnerabilities: 1723