Rapid7

🚨 On Thursday, April 3, 2025, #Ivanti disclosed a critical RCE vulnerability affecting Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA Gateways. Ivanti’s advisory indicates that CVE-2025-22457 was “initially identified as a product bug” and patched, but confirms that the stack-based buffer overflow vulnerability has since been exploited in the wild. More in the Rapid7 blog: https://r-7.co/3E8qsoj

Ransomware groups don’t usually disappear — oftentimes they change names, recycle code, and keep cashing in. When multiple underground forums began mentioning ‘Babuk Locker 2.0,’ the supposed rebirth of a 2021 operation, Rapid7 researchers got to work on if this was a true comeback... or just old code in a new costume. More in a new blog: https://r-7.co/43WeeK7

Delighted to participate again in the Take Command Summit, Rapid7's virtual #cybersecurity event. This year, I will be joined by two incredible speakers who provide their unique insights, Brian Honan and Trent Teyema. Together, we will share our insights on the evolving mindset of attackers, the economics of cybercrime, and the importance of real-time, actionable intelligence sharing between private organisations, law enforcement and government agencies. Please join the debate: https://lnkd.in/eQXhRXps #infosec

Next week: the Take Command Summit returns! 🛡️ This year's free, global, virtual event is your chance to get practical insights, cutting-edge research, and real-world defense strategies — all in one day. Register now: https://r-7.co/449Ozxo

🧡 Tonight is Women in Sports Night at TD Garden, presented by Rapid7. The Boston Bruins home game will highlight women who work & compete in the sports community, all throughout the evening. Read more in a National Hockey League (NHL) press release: https://r-7.co/3FOr2YR

Full visibility of your attack surface. Rapid7 MDR does that. Join us on April 9th for the 2025 return of Take Command – our virtual, one-day cybersecurity summit. Select your time zone & save your seat here: https://r-7.co/4iAIDlb

I'm excited to share that we've added AI Alert Triage Decisioning Transparency to Rapid7’s MDR experience. This means customers now have clear, actionable insight into how AI-assisted decisions are made—whether an alert is closed or escalated. You can see exactly what inputs drove that outcome, from command behavior to access patterns. It’s a meaningful step toward ensuring AI in the SOC supports not just speed, but trust and control. 🔍 More on how we're making AI work with security teams, not around them: https://lnkd.in/gp6GVvvf #CyberSecurity #MDR #AIinSecurity #SecurityOperations #AITransparency #Rapid7

Rapid7's Partner of the Year Award aims to recognize private & public sector partners for exceptional collaboration, as well as their positive influence on customers’ security postures. 2025 marks the 5th year of this award, and we're proud to honor the following winners today: 🏆 North America Partner of the Year: SHI International Corp. 🏆 Latin America Partner of the Year: Netconn 🏆 EMEA Partner of the Year: Softcat 🏆 APJ Partner of the Year: DGplex Join us in congratulating all of this year's winners 👉 https://r-7.co/3FZv8ND

“With exploit code for CVE-2025-1974 starting to be published online, #Kubernetes administrators should remediate publicly-exposed instances on an urgent basis.” – Stephen Fewer, Rapid7 principal security researcher More in a new piece from CyberScoop: https://r-7.co/4jcHkt1

Say goodbye to the "black box" behind #AI decisions. Today, we at Rapid7 are excited to announce enhanced transparency features for our AI Alert Triage system.Your SOC teams can now confidently validate & understand how (and why) alerts are being automatically dispositioned – plus, more easily audit those dispositions set by the AI models. More on AI @ Rapid7 in our blog: https://r-7.co/420bPex