InformerNow

A new meeting on your calendar or a new attack vector? It starts innocently enough. A new meeting appears in your Google calendar and the subject seems ordinary, perhaps even urgent: “Security Update Briefing,” “Your Account Verification Meeting,” or “Important Notice Regarding Benefits.” You assume you missed this invitation in your overloaded email inbox, and…

In 2025, the construction industry stands at the crossroads of digital transformation and evolving cybersecurity risks, making it a prime target for threat actors. Cyber adversaries, including ransomware operators, organized cybercriminal networks, and state-sponsored APT groups from countries such as China, Russia, Iran, and North Korea, are increasingly focusing their attacks on the building and…

New module content (3) Centreon authenticated command injection leading to RCE via broker engine “reload” parameter Author: h00die-gr3y [email protected] Type: Exploit Pull request: #20672 contributed by h00die-gr3y Path: linux/http/centreon_auth_rce_cve_2025_5946 AttackerKB reference: CVE-2025-5946 Description: Adds an exploit module for Centreon. The vulnerability, an authenticated command injection, will lead to a remote code execution. Rootkit Privilege Escalation Signal Hunter Author: bcoles [email protected] Type: Exploit…

Across industries, Microsoft is everywhere. It powers productivity, collaboration, and security through Defender, Sentinel, Entra, and the broader Microsoft ecosystem that underpins how modern organizations operate. ⠀ As organizations deepen their Microsoft investments, there’s an even greater opportunity to strengthen and simplify threat detection and response. Microsoft delivers powerful visibility and security insights across user…

Microsoft is publishing 66 new vulnerabilities today, which is far fewer than we’ve come to expect in recent months. There’s a lone exploited-in-the-wild zero-day vulnerability, which Microsoft assesses as critical severity, although there’s apparently no public disclosure yet. Three critical remote code execution (RCE) vulnerabilities are patched today; happily, Microsoft currently assesses all three as…

The Q3 2025 Threat Landscape Report, authored by the Rapid7 Labs team, paints a clear picture of an environment where attackers are moving faster, working smarter, and using artificial intelligence to stay ahead of defenders. The findings reveal a threat landscape defined by speed, coordination, and innovation.⠀ The quarter showed how quickly exploitation now follows…

We’re proud to share that Rapid7 has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms (EAP). We believe this recognition underscores our commitment to redefining security operations by embedding continuous, business-aligned exposure management into the core of modern defense strategies. Our approach: Exposure Command at the core At…

Overview On October 6, 2025, the cyber deception company Defused published a proof-of-concept exploit on social media that was captured by one of their Fortinet FortiWeb Manager honeypots. FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications. Exploitation of this new vulnerability, now tracked…

In this second installment of our two-part series on the construction industry, Rapid7 is looking at the specific threat ransomware poses, why the industry is particularly vulnerable, and ways in which threat actors exploit its weaknesses to great effect. You can catch up on the first part here: Initial Access, Supply Chain, and the Internet…