All Posts

2 min Events

Key Takeaways from the Take Command Summit 2025: Customer Panel on Future-Proofing VM Programs

Learn how security leaders are evolving VM into exposure management. Get key takeaways from the Take Command 2025 customer panel. Watch on demand.

5 min News

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines – reflecting a growing trend where attackers exploit third-party vendors to breach businesses through a single point of entry.

4 min Vector Command

Threats don’t wait, neither should you: Mastering Emergent Threat Response Validation

Rapid7 Labs uncovers emerging threats and delivers cutting-edge research; Vector Command puts that intelligence to work—validating response strategies, optimizing defenses, and ensuring organizations are ready when it matters most. Because in cybersecurity, the best defense is a well-prepared team.

3 min Metasploit

Metasploit Wrap-Up

Making Metasploit faster: This week's wrap-up includes many new modules, but notably, we've upgraded Metasploit loading. Thanks to bcoles, the bootup performance when searching for a module has been increased in #20166. Also, we've reduced Metasploit startup time in #20155. New module content (6): Gather Ticket Granting Service (TGS) tickets for Use

3 min Events

What the Take Command 2025 Survey Tells Us About the State of Security

After the Take Command 2025 Virtual Cybersecurity Summit sessions wrapped, we surveyed attendees to understand where their security programs stand today, what challenges they’re facing, and what they found most valuable during the event.

14 min Research

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Rapid7 has been tracking a malware campaign that uses fake software installers, disguised as popular apps like VPN and QQBrowser, to deliver Winos v4.0, a hard-to-detect malware that runs entirely in memory and gives attackers remote access.

2 min Events

Key Takeaways from the Take Command Summit 2025: Inside the Mind of an Attacker

In one of the most anticipated sessions of Take Command 2025, Raj Samani, Chief Scientist at Rapid7, sat down with Trent Teyema, former FBI Special Agent and President of CSG Strategies, for a candid conversation on how threat actors are evolving and what defenders must do to keep up.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 05/16/2025

New modules for everyone: This week’s release is packed with new module content. We have RCE modules for Car Rental System 1.0, WordPress plugins SureTriggers, User Registration and Membership. We also have a persistence module for LINQPad software and an auxiliary module for POWERCOM UPSMON PRO. We have also added support for 32-bit architectures to our execute-assembly post module, which now supports injection of both 64-bit and 32-bit .NET assembly binaries. New module content (5): POWERCOM UP

2 min Emergent Threat Response

Ivanti Endpoint Manager Mobile exploit chain exploited in the wild

On May 13, 2025, Ivanti disclosed an exploit chain that has been exploited in the wild, comprising two new vulnerabilities affecting Ivanti Endpoint Manager Mobile: CVE-2025-4427 and CVE-2025-4428.

2 min Emergent Threat Response

CVE-2025-32756 Exploited in the Wild, Affecting Multiple Fortinet Products

On May 13, 2025, Fortinet disclosed CVE-2025-32756, an unauthenticated stack-based buffer overflow affecting multiple Fortinet products, including FortiVoice, FortiRecorder, FortiNDR, FortiMail, and FortiCamera.

10 min Patch Tuesday

Patch Tuesday - May 2025

Seven zero-days: Windows Scripting Engine, 2x CLFS, DWM, Visual Studio, AFD for Winsock, Defender for Identity.

3 min Exposure Management

Vendor-Agnostic Security: The Key To Smarter Risk Management

In this post, we’ll explore how a vendor-agnostic approach, powered by exposure assessment platforms (EAPs), helps you manage risk smarter – by unifying your attack surface and helping your team focus on what matters most.

3 min Rapid7 Culture

Recognizing Excellence: Rapid7’s Kelly Hiscoe and Heather DeMartini Honored as CRN’s 2025 Women of the Channel

We are thrilled to announce that two outstanding Rapid7 team members, Kelly Hiscoe and Heather DeMartini, have been recognized as CRN's 2025 Women of the Channel.

2 min Metasploit

Metasploit Wrap-Up 05/09/2025

New Toys and New Techniques: This release features a new OPNSense login scanner, a module targeting the Sante PACS path traversal vulnerability, an additional method for stealing Network Access Account credentials via SMB to HTTP relay, and the Erlang/OTP SSH exploit everyone was excited about. New module content (4): Sante PACS Server Path Traversal (CVE-2025-2264). Authors: Michael Heinzl and Tenable. Type: Auxiliary. Pull request: #20124

19 min Vulnerability Disclosure

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Rapid7 is disclosing three new vulnerabilities in SonicWall SMA 100 series appliances (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821). An attacker with access to an SMA SSLVPN user account can chain these vulnerabilities for root-level code execution.