Rapid7 Archives

The Cisco Systems logo is displayed at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. (GABRIEL BOUYS / AFP)

Cisco’s latest vulnerability spree has a more troubling pattern underneath

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…

Mar 18, 2026 By Matt Kapko

A logo sign outside of the headquarters of Ivanti in South Jordan, Utah. (Kristoffer Tripplaar / Alamy Stock Photo)

Fallout from latest Ivanti zero-days spreads to nearly 100 victims

Shadowserver scans have identified 86 compromised instances, and researchers warn multiple threat groups are involved.

Feb 9, 2026 By Matt Kapko

Ivanti’s EPMM is under active attack, thanks to two critical zero-days

Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed.

Feb 3, 2026 By Matt Kapko

Members of the Peoples Liberation Army band leave after the closing session of the Chinese People’s Political Consultative Conference, or CPPCC, at the Great Hall of the People on March 10, 2025 in Beijing. (Photo by Kevin Frayer/Getty Images)

China-based espionage group compromised Notepad++ for six months

The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers.

Feb 2, 2026 By Matt Kapko

Cisco customers hit by fresh wave of zero-day attacks from China-linked APT

Cisco has yet to release a patch for the actively exploited vulnerability, and attacks have been underway since at least late November.

Dec 18, 2025 By Matt Kapko

Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims

Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly.

Dec 10, 2025 By Matt Kapko

Abstract binary code rippling on waving ribbons. (Getty Images)

Developers scramble as critical React flaw threatens major apps

The open-source code library is one of the most extensively used application frameworks. Wiz found vulnerable versions in around 39% of cloud environments.

Dec 3, 2025 By Matt Kapko

Fortinet office in Burnaby, BC, Canada, July 7, 2023. (Getty Images)

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage

The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread…

Nov 17, 2025 By Matt Kapko

Person on ladder looking into large folder with messy paperwork spilling out. (Stock illustration/Getty Images)

Worries mount over max-severity GoAnywhere defect

Forta, the vendor behind the file-transfer service software, has yet to report exploitation or address evidence of compromise. Independent researchers say otherwise.

Sep 26, 2025 By Matt Kapko

Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service

The vendor didn’t provide evidence of active exploitation, yet experts said it’s only a matter of time before that changes.

Sep 19, 2025 By Matt Kapko