3 min
Vulnerability Disclosure
CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)
Rapid7 discovered and is disclosing CVE-2025-1094, a high-severity SQL injection vulnerability affecting the PostgreSQL interactive tool psql.
8 min
Patch Tuesday
Patch Tuesday - February 2025
Four zero-days: AFD EoP, Storage EoP, NTLMv2 disclosure, Surface container escape. Critical RCEs in LDAP, DHCP client, Excel.
5 min
Research
How To Protect Your Organization's Bluesky Account From Security Threats
This blog explains how to secure your Bluesky account against security threats such as malware and phishing, and how to establish your identity to help prevent fraud and impersonation.
2 min
Career Development
Interning at Rapid7 Prague: Meet Mko
Mkrtich Hovsepyan – most people call him Mko – is an intern at Rapid7’s fast-growing office in Prague. He was in our first impressive crop of interns, and is sharing his experience as we gear up for our next wave of intern hiring.
4 min
Vector Command
Vector Command Opportunistic Phishing Blog
Vector Command is Rapid7’s new continuous red teaming managed service, designed to assess your external attack surface and identify gaps in the security defenses on an ongoing basis.
3 min
Metasploit
Metasploit Weekly Wrap-Up 02/07/2025
Gathering data and improving workflows
This week's release includes 2 new auxiliary modules targeting Argus
Surveillance DVR and Ivanti Connect Secure. The former, contributed by Maxwell
Francis, and based on the work of John Page, can be used to retrieve arbitrary
files on the target's filesystem by exploiting an unauthenticated directory
traversal vulnerability. The latter, brought by our very own Martin Šutovský,
is an HTTP login scanner for Ivanti Connect
Sec
3 min
MSSP
4 Reasons Why MSPs & MSSPs Need to Enhance Attack Surface Management
Here are four key reasons why enhancing attack surface management should be a top priority for MSPs and MSSPs.
2 min
Events
Take Command | Rapid7’s 2025 Cybersecurity Summit: Own Your Attack Surface on April 9
Take Command is back. After a hugely successful event last year, Rapid7’s cybersecurity summit returns with another stellar lineup to equip security teams with the latest threat intelligence, expert insights, and real-world strategies to take control of an evolving attack landscape.
2 min
Exposure Command
Introducing the Exposure Management Webinar Series: Commanding Your Attack Surface
The digital landscape is expanding rapidly, and with it, the complexity of managing an organization's attack surface. To help cybersecurity professionals navigate this challenge, Rapid7 presents a three-part webinar series, "Commanding Your Attack Surface."
2 min
Awards
Excellence in Leadership: CRN Recognizes Alex Page Among Its 2025 Channel Chiefs
For the third consecutive year, Rapid7’s Alex Page has been honored as a CRN Channel Chief, a testament to his unwavering commitment to driving growth, fostering innovation, and strengthening our global channel partnerships.
3 min
Metasploit
Metasploit Weekly Wrap-Up 01/31/25
ESC4 Detection
This week, Metasploit’s jheysel-r7 updated the
existing ldap_esc_vulnerable_cert_finder module to include detecting template
objects that can be written to by the authenticated user. This means the module
can now identify instances of ESC4 from the perspective of the account that the
Metasploit operator provided the credentials for. Metasploit has been capable of
exploiting ESC4 for some time, but required users to know which certificate
templates t
4 min
Career Development
Paying It Forward: Giving and Receiving Mentorship in Tech
This post was adapted from the Northern Ireland Developer Conference 2024 talk of the same name.
5 min
Ransomware
The 2024 Ransomware Landscape: Looking back on another painful year
In this post, we’ll examine the latest data points, discuss notable groups, and estimate the potential impact on victims — helping security teams plan their defenses for the months ahead.
2 min
Metasploit
Metasploit Weekly Wrap-Up 01/24/2025
LibreNMS Authenticated RCE module and ESC15 improvements
This week the Metasploit Framework was blessed with an authenticated RCE module
in LibreNMS, an autodiscovering PHP/MySQL-based network monitoring system. An
authenticated attacker can create dangerous directory names on the system and
alter sensitive configuration parameters through the web portal. These two
defects combined to allow arbitrary OS commands inside shell_exec() calls, thus
achieving arbitrary code execution.
Additionally, i
4 min
Exposure Management
The Vulnerability Vortex: Escaping the Whirlpool of Ineffective Security
In today's interconnected digital landscape, organizations find themselves caught in a relentless torrent of security alerts and vulnerability notifications.