🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

RCEs... for Spring? Groundbreaking. (Appsmith, Pandora FMS, Oracle Access Manager, pgAdmin) 🌷 rapid7.com/blog/post/2025…

Wake up babe, even smaller fetch payloads just dropped: rapid7.com/blog/post/2025…

This Friday brings some awesome updates to AD CS workflows. Users can now manage their PKCS12 certificates with the new `certs` command. Plus we've got modules and almost a dozen enhancements. Get it all here: rapid7.com/blog/post/2025…

Rapid7 MDR has observed exploitation of SAP NetWeaver Visual Composer CVE-2025-31324 in multiple customer environments dating back to at least late March. Observations and guidance here: rapid7.com/blog/post/2025…

Attention Kali Linux users! In the coming day(s), apt update is going to fail for pretty much everyone. The reason? We had to roll a new signing key for the Kali repository. You need to download and install the new key manually: offs.ec/4lUEtak

This week we've released a patch for a vulnerability disclosed to us by a longtime community member. A heartfelt thanks to the folks who spend their time on this journey with us. We've also got LAPs support for LDAP module, and an RCE for WonderCMS. Get it here:

In another great body of research from Ryan Emmons, this disclosure chains 3 new vulns in SonicWall's SMA 100 appliances to go from a low privileged account to full RCE as root!! Awesome work as always 🔥🔥🔥

New toys and techniques this week: OPNSense login scanner, Sante PACS Server Path Traversal, SMB to HTTP relay version of Get NAA Creds, and Erlang OTP Pre-Auth RCE Scanner and Exploit! rapid7.com/blog/post/2025…

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week we've increased our boot and startup times :D and now have native support for getting TGS, as well as exploit modules for Ivanti Connect Secure, Clinic's Patient Management System, Invision Community, Nextcloud Workflows, and Samsung MagicINFO 9 Server.

This week's wrap-up features support for the SOCKS5H protocol, some additional SOCKS lore, and modules for WordPress Depicter Plugin and Gladinet CentreStack/Triofox. rapid7.com/blog/post/2025…

Five new modules in this release, including content for ThinManager, Remote for Mac, Roundcube and more. rapid7.com/blog/post/meta…

Framework offering even faster boot time this week. Get the wrap-up here: rapid7.com/blog/post/meta…

Hey friends, it's that time again. As a Metasploit user, how would you describe yourself? Add comments if you want to explain!

New Skyvern RCE in the wrap-up this week. Get it here: rapid7.com/blog/post/meta…