Prada reimagines iconic SS11 print via new beauty addition
Lip balm may not seem like the most glamorous beauty product but when the lip…
Microsoft is publishing 66 new vulnerabilities today, which is far fewer than we’ve come to expect in recent months. There’s a lone exploited-in-the-wild zero-day vulnerability, which Microsoft assesses as critical severity, although there’s apparently no public disclosure yet. Three critical remote code execution (RCE) vulnerabilities are patched today; happily, Microsoft currently assesses all three as…
The Q3 2025 Threat Landscape Report, authored by the Rapid7 Labs team, paints a clear picture of an environment where attackers are moving faster, working smarter, and using artificial intelligence to stay ahead of defenders. The findings reveal a threat landscape defined by speed, coordination, and innovation. The quarter showed how quickly exploitation now follows…
We’re proud to share that Rapid7 has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms (EAP). We believe this recognition underscores our commitment to redefining security operations by embedding continuous, business-aligned exposure management into the core of modern defense strategies. Our approach: Exposure Command at the core At…
Overview: On October 6, 2025, the cyber deception company Defused published a proof-of-concept exploit on social media that was captured by one of their Fortinet FortiWeb Manager honeypots. FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications. Exploitation of this new vulnerability, now tracked…
In this second installment of our two-part series on the construction industry, Rapid7 is looking at the specific threat ransomware poses, why the industry is particularly vulnerable, and ways in which threat actors exploit its weaknesses to great effect. You can catch up on the first part here: Initial Access, Supply Chain, and the Internet…
This post was co-written with Andrew Browning, Anthony Doolan, Jerome Ronquillo, Jeff Burke, Chiheb Boussema, and Naisha Agarwal from UCLA. The University of California, Los Angeles (UCLA) is home to 16 Nobel Laureates and has been ranked the #1 public university in the United States for 8 consecutive years. The Office of Advanced Research Computing…
It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service (WSUS) vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the vulnerability affects Windows Servers running the WSUS service, which is not enabled by default. Several vendors, including…
Organizations are increasingly seeking to enhance customer experiences through natural, responsive voice interactions across their telephony systems. Amazon Nova Sonic addresses this need as a speech-to-speech generative AI model that delivers real-time voice conversations with low latency and natural turn-taking. It understands speech across different accents and speaking styles, responds with expressive voices in multiple…
As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are as varied as they are relentless. But with complexity comes…
This post is co-written with Bob Boiko, Christopher Donnellan, and Sarat Tatavarthi from Condé Nast. For over a century, Condé Nast has stood at the forefront of global media, shaping culture and conversation through its prestigious portfolio of brands. Founded in 1909, the company has evolved from a traditional publisher into a modern media powerhouse….