🚨 On April 28, 2026, #cPanel issued a security update to fix a critical vulnerability affecting its WHM and WP Squared products. A query for potential targets returned 1.5 million instances exposed to the internet. CVE-2026-41940 has a CVSS score of 9.8 and allows unauthenticated remote attackers to bypass authentication, granting unauthorized administrative access to the web hosting control panel software. Find our mitigation guidance and more in a new blog: https://r-7.co/4vZ0vgX
About us
Rapid7, Inc. (NASDAQ: RPD) is a global leader in AI-powered managed cybersecurity operations, trusted to advance organizations’ cyber resilience. Open and extensible, the Rapid7 Command Platform integrates security data, enriching it with AI, threat intelligence, and 25 years of expertise and innovation to reduce risk and disrupt attackers. As a recognized leader in preemptive managed detection and response (MDR), Rapid7 unifies exposure and detection to transform the cybersecurity operations of more than 11,500 customers worldwide.
- Website: https://r-7.co/3i5nlhP
- Industry: Computer and Network Security
- Company size: 1,001-5,000 employees
- Headquarters: Boston, Massachusetts
- Type: Public Company
- Specialties: Information Security, Vulnerability Management, Penetration Testing, Compromised User Detection, Mobile Risk Management, Enterprise Control Monitoring, Strategic Services, Security Programs, Application Testing, Automation, Analytics, Intrusion Detection, and Attack Surface Management
Products
Metasploit
Penetration Testing Tools
Test your organization's defenses with a free download of Metasploit, the world's most used pen testing tool. Get started today.
Updates
Rapid7 reposted this
Rapid7's Global Cybersecurity Summit is just around the corner. Security practitioners, IT professionals, and decision-makers everywhere... have you saved your spot? I'm pleased to share I'll be speaking at 2 sessions over the 2-day summit: 🗓️ 'Defense Starts Earlier Than You Think', with Brian Castagna & Craig Robinson: Complexity, not a lack of technology, has become the primary barrier to effective security. Get to know the operating model of Preemptive Security. 🗓️ 'Rapid7: What’s New and What’s Next': See how our latest innovations across exposure management, MDR, and AI come together – empowering security teams everywhere to 'act' before 'impact.' I'll see you there! Save your spot now: https://r-7.co/3OwqkEi
🐢 Security teams aren't falling behind because they lack tooling, or because attackers are getting smarter (they're not). There's a marked shift in pace. In the latest episode of Experts on Experts, Craig Adams sat down with Rapid7 VP, Cyber Intelligence, Christiaan Beek to discuss exactly what we’re seeing in the 2026 threat landscape. 🧵 See what the full conversation has in store via our blog: https://r-7.co/4vY8IlF ▶️ Or jump right into the extended cut on YouTube: https://r-7.co/4vUMFwh
For years, security teams have relied on a familiar metric, CVSS, to guide prioritization. But while vulnerability findings are abundant, actionable context is not. According to Gartner®, fewer than 10% of vulnerabilities are exploited, yet most are treated as urgent. As environments grow more complex, attackers focus on what’s actually exploitable. In response, teams are shifting toward a more context-driven approach. Strong exposure prioritization comes down to 4 elements: threat intelligence, asset context, data science, and security control validation. Dive into each here: https://r-7.co/4cGFEGi
Reason 1️⃣: You need a clearer view of how attacks actually unfold in your environment. Security teams are dealing with a different kind of pressure now. If your day-to-day revolves around AI, threat detection, or exposure management, our upcoming Global Cybersecurity Summit is your operational one-stop shop. Learn more & save your spot here: https://r-7.co/3QxqpIs
Faster vulnerability discovery is here, but when it comes to the software supply chain, AI is acting as an amplifier: increasing the potency of both the strengths and weaknesses already present in an organization. Security in an AI-accelerated world is a systems challenge then, and it must be managed like one. When the many layers – like threat intelligence, build integrity and validation – are treated separately, operational gaps open quickly. So what do the next 12 months look like, for security leaders everywhere? Wade Woolwine, Sr. Director of Product Security, digs into conversations with teams & customers alike to inform a brand new blog: https://r-7.co/48hafZM
📈 Exploited high and critical vulnerabilities are up 105% year over year. In the 2026 Global Threat Landscape Report, Rapid7 Labs examines how the window between disclosure and exploitation continues to collapse, leaving teams with less time to assess risk, prioritize remediation, and contain threats before impact. Drawing on Rapid7 Labs research and MDR telemetry, the report provides a data-driven view of what’s reshaping cyber risk and how. Download it here: https://r-7.co/3PicnK6
Rapid7 reposted this
Our latest Rapid7 Labs analysis undertakes a deep dive into Kyber #ransomware, where we evaluated two Kyber ransomware payloads deployed in the same environment following an IR engagement: one targeting VMware ESXi infrastructure and the other Windows file servers, providing us the opportunity to analyze both variants side by side. The results were interesting in that they differ in the programming language they are written in, crypto, and features. More details here: https://lnkd.in/e62bs7-z H/T Anna S. #malware #infosec