Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform depl...
Rapid7 Blog
8 articles
From Bulk Export to AI-ready Security Workflows: Introducing Rapid7’s Open-Source MCP Server and Agent Skill
Security teams want more from their data than APIs and one-off reports. They want to ask better questions, move faster, and bring security context into the w...
Project Glasswing and the Next Challenge for Defenders: Turning Faster Discovery into Faster Action
Anthropic’s Project Glasswing has sparked plenty of discussion about what AI might soon do for vulnerability discovery, but the more useful question for most...
Metasploit Wrap-Up 04/17/2026
Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug...
CVE-2026-33032: Nginx UI Missing MCP Authentication
Overview On March 30, 2026, a security advisory was published for a critical vulnerability affecting Nginx UI. Nginx UI is an open-source web interface to ce...
ClickFix Phishing Campaign Masquerading as a Claude Installer
Overview It is no secret that phishing campaigns utilizing various ClickFix techniques have been a commonly used method of social engineering. One of the mai...
A Clearer Path from Prioritized Exposures to Remediation Progress
Security leaders know that reducing risk is not just about finding the right exposures, but helping the organization act on them before known issues turn int...
Patch Tuesday - April 2026
Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, a...