Rapid7

Modern attacks move in minutes, so resilience depends on acting earlier. At Rapid7’s Global Cybersecurity Summit, see how security teams are prioritizing real risk and moving beyond reactive operations. Save your spot: r-7.co/4sUjTK3

On May 14, #PaloAltoNetworks published a security advisory for CVE-2026-0265 –a signature verification vulnerability that facilitates authentication bypass on PAN-OS. Palo Alto Networks assigned CVE-2026-0265 a “High” 7.2 CVSS score. More via our blog: r-7.co/438oEV7

🚨 Rapid7 Labs has discovered an authentication bypass vuln. affecting #Cisco Catalyst SD-WAN Controller (FKA vSmart). CVE-2026-20182 has a Critical CVSSv3.1 score of 10.0 and allows a remote unauth. attacker to perform privileged operations. Read on: r-7.co/4uLxSlR

In Episode 5 of Hacktics and Telemetry, @fulmetalpackets & @_CryptoCat talk zero-click XSS vulns (featuring @J0R1AN), bug bounty updates, Copyfail, and @metasploit's new MCP server 🔥 👉 Full video on YouTube: r-7.co/49wOqG9 🎧 Audio on Spotify: r-7.co/436KHLS

Rapid7 observed a recent enterprise intrusion that began with a fake IT support Teams message, escalated via fake lock screens, Python-based RATs & a kernel exploit, then secured domain-wide credential access – all within 2 days. Get to know #ModeloRAT: r-7.co/4npcZuB

🔐 Lock in for Day 2 of Rapid7's Global Cybersecurity Summit, featuring a 2-track breakout format designed for both Leaders & Practitioners. Register here to watch live or on-demand: r-7.co/3OVo89J

Rapid7 announced Cyber GRC today, a new solution that brings security ops, governance & compliance together in one view. Now, manage GRC requirements in a way that stands up to both regulatory scrutiny and board-level oversight. Secure early access: r-7.co/49GrpR6

Don't miss a minute — Rapid7's 2026 Global Cybersecurity Summit is starting now. 🛡️ Register for access and tune in now: r-7.co/4topN5D

⌛ The wait is almost over. Tomorrow, Rapid7 kicks off our 2026 Global Cybersecurity Summit! Here's your chance to explore the run-of-show via our latest blog, and find a link to save your spot within: r-7.co/4wp2b3z

Today, Rapid7 was included in @OpenAI's Trusted Access for Cyber program and new model launch announcement. To us, this partnership means equipping security teams with advanced capabilities and meaningfully improving their cyber resilience. Keep reading: r-7.co/3QNdgv9

🚨 On 5/6/26, #PaloAltoNetworks published a security advisory for a critical vuln. affecting PAN-OS PA-Series & VM-Series firewall appliances. CVE-2026-0300 carries a CVSSv4 score of 9.3 and has been confirmed as exploited in the wild by the vendor. More: r-7.co/48ML0Pf

A sophisticated, state-sponsored intrusion observed in early 2026 appeared to be a standard Chaos ransomware attack. Forensic analysis has since unmasked it as a false flag attempt, linking the incident to the Iranian APT #MuddyWater. More in a new blog: r-7.co/4tiWod0

And, while @fulmetalpackets & @_CryptoCat are known to smash it on camera, episodes 1-4 are now available on Spotify for an all-audio experience – perfect for commutes and working sessions! 🎧 Save the podcast here: r-7.co/4tJ4jBj

In Episode 4 of Hacktics & Telemetry, our hosts sit down to talk bug bounties, AI superpowers, and breach impersonations. 👾 👉 Dive into the full conversation on YouTube: r-7.co/4wb0GpJ

🚀 Coming May 5, we'll be launching a series of live product demos revolving around our MDR & Exposure Command solutions – each 30 minutes long and driven by a Rapid7 expert. 👉 Join us then, or register once to access the full series on-demand. More: r-7.co/4tLzXOT

🚨 On 4/28/26, #cPanel issued a security update to fix a critical vuln. affecting its WHM and WP Squared products. With a CVSS score of 9.8, CVE-2026-41940 allows unauth. remote attackers to bypass authentication & gain administrative access to systems: r-7.co/4vZ0vgX

Fewer than 10% of vulnerabilities are exploited, but most are prioritized as urgent. Context-driven exposure prioritization is essential, combining threat intel, asset context, & control validation to focus on what’s actually exploitable. Learn more: r-7.co/4mIiLqR

Security teams are dealing with a different kind of pressure today. If your day-to-day revolves around AI, threat detection, or exposure management, our upcoming Global Cybersecurity Summit is your one-stop shop. Learn more & save your spot here: r-7.co/4cu2LoR

Exploited high and critical vulnerabilities are up 105% YoY. The 2026 Global Threat Landscape Report breaks down how shrinking disclosure-to-exploitation timelines are reshaping how teams assess and respond. Download it here: r-7.co/3PicnK6

🔎 During a recent IR engagement, Rapid7 recovered 2 #Kyber ransomware payloads. One targeted VMware ESXi infrastructure, and the other, Windows file servers – serving as a rare opportunity to analyze both variants side-by-side. Technical analysis here: r-7.co/4vN8PQY

🔸 🔶 Now loading: The 2026 @NHLBruins Playoffs, presented by Rapid7. The puck drops this weekend, and it's time to make some noise. But first, a message from two familiar faces ⤵️