81 articles · page 2 of 2
Rapid7, Wednesday, October 29th, 2025
Exposures are rising faster than security teams can decide what to fix, and those teams often lack a clear view of business impact per risk. Which critical assets are exposed? Are exploits active? What are the operational consequences?
more →
Rapid7, Wednesday, October 29th, 2025
Rapid7 announced AI-generated risk intelligence as part of the Rapid7 Command Platform. Delivered through Remediation Hub, the new capability accelerates remediation by giving security teams a contextual, and actionable view of each exposure, transforming vulnerability data into risk intelligence informed decisions that help teams to prioritize remediation, and communicate and collaborate with internal teams to drive measurable risk reduction
more →
Rapid7, Wednesday, October 29th, 2025
Let's be honest, we as an industry spend far too long responding to issues that simply don't matter. Chasing down false positives, reviewing threat intelligence reports that bear no relation to our sector, and more recently reviewing vulnerability advisories of systems not deployed within the environment.
more →
Rapid7, Monday, October 27th, 2025
The global threat landscape is undergoing an unprecedented transformation. Organizations are facing dizzying levels of complexity, driven by rapid technological innovation, the widespread adoption of artificial intelligence, and the expected disruptive effects of quantum computing.
more → Rapid7, Monday, October 6th, 2025
When we last wrote about the rising tide of cyberattacks hitting the retail sector, the headlines were already sobering: disruption at major brands, ransomware claims, and attackers showing a deep understanding of how to break into systems and exploit trust.
more → Rapid7, Thursday, September 25th, 2025
On September 25, 2025, Cisco published advisories for three notable vulnerabilities affecting many different Cisco products.
more → Rapid7, Monday, September 22nd, 2025
Rapid7 has identified a permission bypass vulnerability in multiple versions of OnePlus OxygenOS installed on its Android smartphones, across multiple devices.
more → Rapid7, September 17,2025
IT security teams are overloaded. Between surging data volumes, an endless stream of cloud security alerts, and rising threats from AI-enabled hacker tools, many IT admins admit to fatigue. Rapid7 is responding by embedding AI into every part of its Command Platform, giving teams a faster way to triage alerts and reduce cyber risk.
more → Rapid7, Thursday, September 4th, 2025
Automated security scanners can be stopped in their tracks by Multi-Factor Authentication (MFA). While this is great for security, it poses a challenge for scanning. Luckily, Rapid7's InsightAppSec makes it easy to handle Time-based One-Time Passwords (TOTP), a six-digit code that refreshes every 30 seconds.
more → Rapid7, Wednesday, September 3rd, 2025
Google Cloud Threat Intelligence recently reported a data theft campaign targeting Salesforce customers through compromised OAuth tokens. In this case, attackers stole Salesforce OAuth and refresh tokens from a third-party integration (Salesloft Drift) and used them to access and exfiltrate sensitive data including AWS access keys, passwords, and Snowflake tokens.
more → Rapid7, Wednesday, August 27th, 2025
Rapid7, Inc. (NASDAQ: RPD), a leader in threat detection and exposure management, today announced it has been positioned in the Leaders category of the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment
more → Rapid7, Monday, August 18th, 2025
When a zero-day exploit targets your infrastructure, the clock starts ticking. Fast. And in today's threat landscape, speed without context is chaos.
more → Rapid7, Monday, August 18th, 2025
In today's threat landscape, meeting compliance requirements like PCI DSS, SOC 2, and the NIST Cybersecurity Framework is no longer just about ticking boxes. It's about proving that your security controls actually work under pressure.
more → Rapid7, Wednesday, July 30th, 2025
When we talk about cybersecurity, much of the focus tends to center around keeping attackers out-blocking unauthorized access, hardening perimeter defenses, and protecting login credentials. These are all important protections, but what happens once someone is inside the system, even with legitimate access?
more → Rapid7, Wednesday, July 30th, 2025
Building on insights from Rapid7's Q1 and Q2 2025 ransomware trend reports, it's clear that the ransomware economy continues to evolve - and not just in volume, but also in business maturity.
more → Rapid7, Thursday, July 24th, 2025
"Tumultuous times" would be an accurate summary of Q2 2025 where ransomware threat actors are concerned. Rapid7's internal and publicly-available data analysis reveals a dynamic environment where major players come and go, newer groups work their way up the heavy-hitters ladder, and threat actors jostle for top dog status.
more →
Rapid7, July 1,2025
Recent threat research highlights a growing risk in the Python and machine learning (ML) ecosystem: the exploitation of serialized model files, specifically those using Python's pickle module.
more → Rapid7, Monday, June 23rd, 2025
Many aspects of what makes an investigation successful are the best parts of human intelligence: judgment, contextual awareness, and strategic thinking. But the overwhelming demands of the current security landscape - with attacker breakout times now under an hour - narrow the window for these techniques to be applied at scale. But what if you could encode the instincts of an experienced analyst into every investigation and execute at machine speed?
more → Rapid7, Wednesday, June 18th, 2025
Security teams are under more pressure than ever. With attack surfaces growing, regulations tightening, and the average breach cost climbing, it's no surprise that many organizations are rethinking how they approach vulnerability management.
more → Rapid7, Wednesday, June 18th, 2025
AI is transforming every part of cybersecurity - and the risks and opportunities are expanding fast. In Rise of the Machines: Building Cyber Resilience with AI, part of the Take Command 2025 Virtual Cybersecurity Summit, experts explored the real-world impact of AI on security operations today.
more → Rapid7, Tuesday, June 17th, 2025
Security teams are at a breaking point. Alerts won't stop, CVEs keep piling up, and patch fatigue is setting in. In today's threat landscape, reacting faster is no longer enough - teams are needing to align better, think like an attacker and prioritize with context.
more → Rapid7, Tuesday, June 17th, 2025
Rapid7's Incident Response (IR) team was engaged to investigate an incident involving an attempted Cobalt Strike execution. The investigation uncovered twists and turns with pre-ransomware activities, tunneling tools, and attackers taking a page out of the defender's playbook.
more → Rapid7, Monday, June 16th, 2025
In recent weeks, Rapid7 has observed an increased volume of incidents involving domains generated by domain generation algorithms (DGAs).
more → Rapid7, Tuesday, June 10th, 2025
There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024.
more → Rapid7, Tuesday, June 3rd, 2025
The rise of GenAI-powered applications - from internal copilots to customer-facing chatbots - is changing how businesses operate. While these tools drive innovation, they also introduce a fast moving, often invisible layer of risk.
more → rapid7, Friday, May 30th, 2025
Imagine hiring a professional security team to guard your home - only to discover they're doing so by monitoring camera feeds from only the front of the house - securing the front door but blissfully unaware of the unlocked window in the back.
more → Rapid7, Wednesday, May 28th, 2025
The Take Command 2025 Virtual Cybersecurity Summit wasn't just about sharing insights, it was about listening. After the live sessions wrapped, we surveyed attendees to understand where their security programs stand today, what challenges they're facing, and what they found most valuable during the event.
more → Rapid7, Tuesday, May 27th, 2025
When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines.
more → Rapid7, April 29,2025
New innovations address the complexity of modern enterprise environments, providing effective remediation at scale via proactive exposure remediation and AI-assisted automated detection and response.
more → Rapid7 News, Thursday, April 24th, 2025
Purpose-built for large enterprises, the latest evolution of Rapid7's MDR offering delivers flexible, expert-led cybersecurity coverage that meets the unique demands of complex, distributed environments
more → Rapid7 News, Wednesday, April 23rd, 2025
Integrated threat intelligence solution delivers proactive context and prioritization, rapidly accelerating time to remediation
more →