ZCyberNews
中文

#rapid7

6 articles

This tag archive covers 16 articles published between April 13 and June 10, 2026, tracking vulnerabilities and threats reported by Rapid7. The threat actors KongTuke and Kyber were observed in these reports. Key vulnerabilities include CVE-2026-20127, CVE-2026-20182, CVE-2025-59718, CVE-2026-41940, and CVE-2023-30253, with two carrying a CVSS score of 10 and two at 9.8. Affected sectors include cybersecurity, enterprise, enterprise IT, enterprise networking, and financial services, with impacts reported across Global, Europe, and North America regions. The coverage includes three high, four critical, and five informational severity items.

Metasploit Adds Vim Plugin Persistence, Exploits for Three CVEsHIGH
Tools & Techniques

Metasploit Adds Vim Plugin Persistence, Exploits for Three CVEs

Rapid7's Metasploit Framework adds Vim plugin persistence, exploits for CVE-2025-6793 (Marvell QConvergeConsole), CVE-2024-48760 (GestioIP), and CVE-2023-30253 (Dolibarr).

CVE-2025-6793CVE-2024-48760CVE-2023-30253
3 min read
Cisco Catalyst SD-WAN Controller Flaw CVE-2026-20182 Scores PerfectCRITICAL
Vulnerabilities

Cisco Catalyst SD-WAN Controller Flaw CVE-2026-20182 Scores Perfect

Rapid7 discovered CVE-2026-20182, a 10.0-CVSS authentication bypass in Cisco Catalyst SD-WAN Controller. Unauthenticated attackers can inject SSH keys and issue NETCONF commands.

CVE-2026-20182CVE-2026-20127
4 min read
ModeloRAT Campaign Abuses Microsoft Teams for Enterprise IntrusionCRITICAL
Threat Intel

ModeloRAT Campaign Abuses Microsoft Teams for Enterprise Intrusion

Rapid7 dissects an April 2026 intrusion where a fake IT Support Teams message delivered ModeloRAT via Dropbox, leading to privilege escalation, credential theft, and lateral...

CVE-2023-36036
4 min readKongTuke
cPanel & WHM Authentication Bypass CVE-2026-41940: CVSS 9.8CRITICAL
Vulnerabilities

cPanel & WHM Authentication Bypass CVE-2026-41940: CVSS 9.8

CVE-2026-41940: Unauthenticated remote attackers can bypass authentication in cPanel & WHM and WP Squared. CVSS 9.8. Patch released April 28, 2026.

CVE-2026-41940
3 min read
FortiGate SSO Bypass CVE-2025-59718 Exploited in Active AttacksCRITICAL
Vulnerabilities

FortiGate SSO Bypass CVE-2025-59718 Exploited in Active Attacks

Rapid7 IR confirms active exploitation of CVE-2025-59718 — a 9.8-CVSS FortiGate SSO bypass — enabling attackers to gain persistent admin access on unpatched appliances.

CVE-2025-59718
2 min read
Kyber Ransomware Deploys Dual Payloads for Windows and VMware ESXiHIGH
Malware

Kyber Ransomware Deploys Dual Payloads for Windows and VMware ESXi

Kyber ransomware deploys two distinct payloads to encrypt both Windows systems and VMware ESXi servers, using a custom tool to wipe ESXi snapshots and hinder recovery. The attack chain begins with compromised RDP credentials.

3 min readKyber

Stay Updated

Get the latest cybersecurity news delivered to your inbox.