Rapid7 is a leader in AI-powered managed cybersecurity operations. 11,500 customers utilize Rapid7 to disrupt attackers and advance their cyber resilience.
Joined March 2009
- Tweets 15,029
- Following 2,608
- Followers 124,416
- Likes 4,088
2,414 Photos and videos
π¨ On 6/10/26, #Oracle published a security alert for CVE-2026-35273, a critical vuln. affecting PeopleSoft Enterprise PeopleTools.
The campaign has been attributed to the ShinyHunters collective, well known for data theft and extortion. More in our blog: r-7.co/4aEClz9
1
13
1,728
AI is actively embedding itself into today's criminal tradecraft β lending itself to social engineering, fraud, impersonation, identity abuse & more.
Get to know tools like WormGPT and BruteforceAI, plus, how orgs should react, all in a new blog: r-7.co/4ooQFS7
3
10
1,894
π¨ On 6/9/26, #Ivanti published a security advisory for 2 critical vulns affecting Ivanti Sentry (FKA MobileIron Sentry).
CVE-2026-10520 (CVSS 10.0) is an OS command injection vuln, and CVE-2026-10523 (CVSS 9.9) is an authentication bypass vuln.
Read on: r-7.co/4arpQHd
1
4
13
2,359
Rapid7 is joining @Anthropicβs Project Glasswing, gaining access to Claude Mythos Research Preview.
We will explore internal use cases across product security, vuln research, red-teaming, and D&R β building on our focus of AI-powered, preemptive security: r-7.co/4e1qwEi
1
1
14
1,579
πΎ In Hacktics & Telemetry, Ep7, @fulmetalpackets and @_CryptoCat break down expensive AI operational blunders, a grueling race against vendor patches, and a critical 0-day vuln in self-hosted Git software.
π€ Spotify: r-7.co/4oi7s9u
βΆοΈ YouTube: r-7.co/4oiOmQL
6
874
π¨ On 6/8/26, #CheckPoint published an advisory for a critical vuln. affecting its Remote Access VPN, Mobile Access & Spark Firewall products.
CVE-2026-50751 allows an unauth. attacker to establish a VPN session without providing valid credentials. More: r-7.co/4fyoJJc
2
15
48
8,422
β οΈ In conducting a 0-day research project against an #HP Poly VVX 450 VoIP phone, Rapid7 Labs discovered CVE-2026-0826 β a critical unauthenticated stack-based buffer overflow vuln affecting all VXX series and 3 Trio IP Conference series models.
Read on: r-7.co/4wQuXul
1
18
56
6,903
#PaloAltoNetworks published a security advisory for CVE-2026-0257. Exploitation of this vulnerability allows a remote unauthenticated attacker to establish a VPN connection through the GlobalProtect gateway of an affected appliance. More via our blog: r-7.co/4uzDIao
13
27
5,692
Headed to #GartnerSEC next week? Meet up with Rapid7 at Booth #909!
Don't miss our featured session β in The CISO's Role in Enterprise Transformation, Rapid7 leaders offer their candid perspectives on embedding security into the fabric of the business: r-7.co/4x2G4jV
2
1,497
Rapid7 retweeted
May 28
Found an unpatched RCE in Gogs π Any authenticated user can get code execution on the server through argument injection into git rebase. Full @rapid7 writeup @metasploit module available now!
πrapid7.com/blog/post/ve-authβ¦
ALT RCE via argument injection in Gogs
1
32
171
15,367
π Announcing Rapid7's Threat Landscape Report for Q1, 2026.
Threat actors favor 0-click vulns over social engineering, lines blur between state actors & hacktivist groups, and the cybercriminal economy splinters.
Blog: r-7.co/49Ybbmw
Report: r-7.co/43koLwV
1
10
1,645
On May 14, #PaloAltoNetworks published a security advisory for CVE-2026-0265 βa signature verification vulnerability that facilitates authentication bypass on PAN-OS. Palo Alto Networks assigned CVE-2026-0265 a βHighβ 7.2 CVSS score. More via our blog:
r-7.co/438oEV7
1
6
1,676
π¨ Rapid7 Labs has discovered an authentication bypass vuln. affecting #Cisco Catalyst SD-WAN Controller (FKA vSmart).
CVE-2026-20182 has a Critical CVSSv3.1 score of 10.0 and allows a remote unauth. attacker to perform privileged operations. Read on: r-7.co/4uLxSlR
3
45
118
23,684
In Episode 5 of Hacktics and Telemetry, @fulmetalpackets & @_CryptoCat talk zero-click XSS vulns (featuring @J0R1AN), bug bounty updates, Copyfail, and @metasploit's new MCP server π₯
π Full video on YouTube: r-7.co/49wOqG9
π§ Audio on Spotify: r-7.co/436KHLS
7
1,440
Rapid7 observed a recent enterprise intrusion that began with a fake IT support Teams message, escalated via fake lock screens, Python-based RATs & a kernel exploit, then secured domain-wide credential access β all within 2 days.
Get to know #ModeloRAT: r-7.co/4npcZuB
2
11
39
4,624
π Lock in for Day 2 of Rapid7's Global Cybersecurity Summit, featuring a 2-track breakout format designed for both Leaders & Practitioners.
Register here to watch live or on-demand: r-7.co/3OVo89J
3
694
Rapid7 announced Cyber GRC today, a new solution that brings security ops, governance & compliance together in one view.
Now, manage GRC requirements in a way that stands up to both regulatory scrutiny and board-level oversight.
Secure early access: r-7.co/49GrpR6
1
2
17
2,087
Don't miss a minute β Rapid7's 2026 Global Cybersecurity Summit is starting now. π‘οΈ
Register for access and tune in now: r-7.co/4topN5D
1
727
β The wait is almost over. Tomorrow, Rapid7 kicks off our 2026 Global Cybersecurity Summit!
Here's your chance to explore the run-of-show via our latest blog, and find a link to save your spot within: r-7.co/4wp2b3z
1
985
Today, Rapid7 was included in @OpenAI's Trusted Access for Cyber program and new model launch announcement.
To us, this partnership means equipping security teams with advanced capabilities and meaningfully improving their cyber resilience. Keep reading: r-7.co/3QNdgv9
2
3
19
1,916