👀 What's new in Rapid7 products & services? From our acquisition of Kenzo Security to launching Metasploit Pro 5.0.0, we got off to a 🔥 start in 2026.
We round up the latest improvements to the Rapid7 Platform & Labs' top Q1 research in a new blog: r-7.co/4dFsD1X
#Anthropic's Project Glasswing is purported to have identified thousands of high-severity vulns & developed related exploits.
In a new blog, Rapid7's Dir. Vuln. Intelligence poses key questions that everyone from CISOs to engineers should be considering: r-7.co/4c1jNKH
Rapid7’s IR team was recently engaged around CVE-2025-59718 – a vuln that facilitates SSO login bypass in #Fortinet FortiGate appliances.
In a new blog, dive into our investigative methodology, practical detection opportunities & more: r-7.co/3Q0CMwo
New research from Rapid7 Labs has led to the discovery of 7 new BPFDoor variants, through which stateless C2 routing and ICMP relay work to bypass multi-million dollar security stacks & establish persistence in global telecoms.
More in a brand new blog: r-7.co/4seMqZI
The Initial Access Broker (IAB) market is visibly maturing. In H2 2025...
📈 Asking prices (and the size of targeted orgs) rose drastically
👀 New marketplaces thrive as older forums stall or shut down
🏛️ Government the top-targeted sector
For key findings, recommendations & more: r-7.co/4bVvi4Z
Rapid7 announces the acquisition of Kenzo Security to accelerate preemptive, AI-powered security operations.
This expands Rapid7’s Command Platform to deliver scalable, machine-speed detection and response that disrupts attackers. Learn more: r-7.co/3NORWnN
▶️ Now Playing: Telecom Sleeper Cells, SD-WAN Bypasses, & LLM Bug Bounties.
In Episode 2 of Hacktics and Telemetry, Douglas McKee & @cryptocat.me continue to bring you the latest in cybersecurity news, vuln research, and actionable defensive strategies: https://r-7.co/4sTbDu5
Starting soon #RSAC: Christiaan Beek, VP of Cyber Intelligence, details new research that uncovered stealth “sleeper cell” access embedded in telecommunications networks by a China-nexus threat actor.
This type of compromise impacts everyone - this is a conversation you don’t want to miss.
CTA member @rapid7.com uncovered stealth “sleeper cell” access embedded in telecommunications networks by a China-nexus threat actor. This type of compromise impacts everyone.
tinyurl.com/233r7e6t
#cybersecurity
Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
📖 Read more: www.helpnetsecurity.com/2026/03/26/t...
#cybersecurity #cybersecuritynews #backdoor #malware #Linux @rapid7.com
🚨 Rapid7 Labs has uncovered stealth “sleeper cell” access embedded in telecommunications networks by a China-nexus threat actor.
Telecom networks are the central nervous system of the digital world. This type of compromise impacts everyone. IoCs & more: r-7.co/3NQ7szA
Tomorrow at #RSAC: Christiaan Beek shares new research on how advanced actors establish long-term, covert access inside telecom environments, & what that means for defenders.
If you’re defending critical infrastructure, this is a conversation you don’t want to miss.
Day 2 at #RSAC ✔️
From booth conversations to new threat intel, it’s already been a busy one — but the week’s not over yet. 🤖 And there's still time to enter the giveaway, your future droid is waiting!
See you at Booth S-3201 tomorrow 👋
Presented at #RSAC2026 by Deral Heiland, this research breaks down how these attacks work in practice and the consistent risks observed across tested devices.
If you’re on the ground at #RSAC, come find us at Booth S-3201 to talk more.
How easily can a compromised IoT device become a path into cloud and backend systems?
New from Rapid7 Labs shows how attackers exploit cellular modules to move into cloud environments, exfiltrate data, & hide command channels in normal device traffic.
🔗 https://r-7.co/47pAMno
⏳ Starting soon: Deral Heiland, Principal Security Researcher (IoT), presents on how hardware hacking techniques exploit cellular IoT to gain trusted access and how organizations can better defend against these risks.
1:15–2:05 PM | Moscone West 2020 | Reserved seating
Christiaan Beek unveils new threat intel in “Sleeper Cells in the Telecom Backbone: Covert Ops," mapping a stealth Linux backdoor used by the China-linked Red Menshen group to infiltrate telecom backbone infrastructure.
📅 3/26 | 12:20 PM - 1:10 PM PDT | Moscone West 2018
Last night at #RSAC: Rapid7 Labs was awarded Cyber Threat Alliance's Most Valuable Early Share!
The CTA’s Early Sharing Program enables near real-time sharing of threat intelligence and research to help teams stay ahead of emerging threats.
🚨 On March 23, 2026, #Citrix published a security advisory for a critical vuln. affecting their NetScaler ADC & Gateway products.
CVE-2026-3055, an out-of-bounds read, allows unauthenticated remote attackers to leak information from the appliance's memory. Read on: r-7.co/41nwCJ7
🚨 Rapid7 Labs recently identified a chain of security vulns in #Gainsight Assist, an email plugin for the popular Customer Success software.
CVE-2026-31381 & CVE-2026-31382 are an info. disclosure flaw and a reflected XSS vulnerability, respectively: r-7.co/4uG8I93
☁️ Most cloud security programs still rely on static assessment, but that doesn’t show what’s actually exploitable.
New capabilities in Rapid7 Exposure Command bring runtime validation and data context to help teams identify and prioritize real risk.
📰 https://r-7.co/479uojW
Exploited high and critical vulnerabilities increased 105% YoY‼️
Attackers are moving faster than ever, collapsing disclosure timelines, industrializing ransomware, and accelerating attacks with AI. More in the new 2026 Global Threat Landscape Report: https://r-7.co/4dsL49S
New updates to the Rapid7 PACT Partner Program strengthen how Rapid7 and its partners engage customers and deliver value faster.
Partner tiers, streamlined deal motions, and improved program economics support scalable partner-led growth.
📰 https://r-7.co/4rBnvPS
Rapid7 is bringing new research and insights to RSAC. Christiaan Beek, VP of Cyber Intelligence, will present new research on how threat actors sustain covert telecom espionage using stealth Linux backdoors.
More on everything Rapid7 has planned for RSAC: r-7.co/45NKu20
Social engineering via IT support impersonation is nothing new. Here, the takeaway should be that #Teams often allows any external user to message internal staff – granting threat actors a direct, high-trust channel to your end users.
🚨 Rapid7 MDR is monitoring an increase in phishing campaigns via #MicrosoftTeams, wherein threat actors are impersonating internal IT departments then persuading users to grant remote access.
Find our guidance in a new blog: r-7.co/46Y0grO
Make room in your RSAC itinerary for Principal Researcher (IoT) Deral Heiland's session on how hardware hacking techniques exploit cellular IoT to gain trusted access & how organizations can better defend against these risks.
Get the details: https://r-7.co/3PywfbV | @Percent_X
🎤👾 Introducing Hacktics and Telemetry, a bi-weekly video and audio podcast out of Rapid7 Labs, starring Rapid7's Doug McKee (fulmetalpackets) & Jonah Burgess (@cryptocat.me)!
🧵 Find episode 1's companion blog here: r-7.co/4di8tuH
▶️ Or dive right into the full vid on YouTube: r-7.co/3NiQfP2
Today, Rapid7 Labs published 2 advisory blogs around the conflict in Iran:
👉 Iran’s Cyber Playbook | Observed cyber activity & trends: r-7.co/4sFoP5c
👉 Detection coverage for Rapid7 customers: r-7.co/4be3vfW
Microsoft published 77 vulnerabilities for March's #PatchTuesday. 2 were publicly disclosed, though none have evidence of exploitation in the wild (yet).
🔍 Get the full analysis of what stood out this month: https://r-7.co/4rrySd8
