Rapid7

Last year, we introduced the concept of taking command of your attack surface — this year, we're going even further. Mark your calendar for the upcoming Take Command Summit, happening on April 9. You don't want to miss this: https://r-7.co/3EW3H79

“With exploit code for CVE-2025-1974 starting to be published online, #Kubernetes administrators should remediate publicly-exposed instances on an urgent basis.” – Stephen Fewer, Rapid7 principal security researcher More in a new piece from CyberScoop: https://r-7.co/4jcHkt1

Say goodbye to the "black box" behind #AI decisions. Today, we at Rapid7 are excited to announce enhanced transparency features for our AI Alert Triage system.Your SOC teams can now confidently validate & understand how (and why) alerts are being automatically dispositioned – plus, more easily audit those dispositions set by the AI models. More on AI @ Rapid7 in our blog: https://r-7.co/420bPex

Cybersecurity is more than technology — it’s about mindset, resilience, and adaptability. At the Take Command Summit, The Tempest Two will share their experiences tackling some of the world's most extreme endurance challenges. Their unique perspective can be a lesson for many professionals managing their own challenges with incident response and crisis management. Secure your spot now: https://r-7.co/4l9BWIX

With Vector Command, customers have a team of experts continuously assessing their external attack surface and providing remediation guidance on any security gaps. In a new blog, learn how external network assessment works within Vector Command ➡️ https://r-7.co/4cfIbH6

⚔️ Defend against risk with full asset context. Get a free, read-only trial experience to see Surface Command’s ability to continuously monitor your entire digital estate. Secure your free trial access: https://r-7.co/41pGyBz

🚨 On March 24, 2025, #Kubernetes disclosed 5 new vulnerabilities affecting the Ingress NGINX Controller for Kubernetes. Successful exploitation could allow attackers access to all secrets stored across all namespaces in the Kubernetes cluster, which could result in cluster takeover. Stay up to date with the Rapid7 blog: https://r-7.co/4l6UKsm

Today, March 25, 2025, Rapid7 is warning customers of two notable vulnerabilities: 🚨 CVE-2025-29927, a critical improper authorization vulnerability in Next.js – a React framework for building web applications. 🚨 An unauthenticated HTTP(S) port access vulnerability in the file transfer technology #CrushFTP, not yet assigned a CVE. Find mitigation guidance and more in the Rapid7 blog: https://r-7.co/4hI857q

Rapid7's PACT Partner Program has earned a 5-star rating in the CRN Partner Program Guide! 🌟 We are dedicated to empowering our partners around the world and across every channel by operating with accountability, consistency, and transparency. More details on the rating: https://r-7.co/4hGQCMJ Learn more about the PACT Partner Program: https://r-7.co/4iWEsRn

There's much to look forward to in the upcoming Take Command Summit — like this lineup of industry experts. Get to know some of the sharpest minds in cybersecurity, and the sessions they'll be joining in a new blog: https://r-7.co/41ZrsTG