Rapid7
-
Critical Gogs flaw can let authenticated users run code on servers
A critical, unpatched flaw in Gogs can let authenticated users run arbitrary code on affected servers under certain conditions, with Rapid7 rating the issue 9.4 on the CVSS scale and reporting no CVE yet.
-
MuddyWater linked to Microsoft Teams intrusion that used Chaos ransomware branding
A Rapid7 technical analysis says MuddyWater used Microsoft Teams, screen-sharing and remote access tools in an early 2026 intrusion that looked like Chaos ransomware but focused on data theft and persistence.
-
China-linked group embeds stealthy kernel backdoors in telecom networks, Rapid7 says
Security firm Rapid7 reported that a China-linked threat cluster known as Red Menshen has embedded kernel-level implants and stealthy backdoors such as BPFDoor inside telecommunications networks to gather intelligence while evading conventional detection.
-
New ‘SantaStealer’ infostealer marketed on forums
Rapid7 researchers said a new malware-as-a-service infostealer called SantaStealer is being marketed on Telegram and forums, offers subscription plans, includes multiple data-theft modules and appears to have leaked samples that undermine claims of stealth.
-
Crimson Collective targets AWS cloud instances to steal data and extort firms
Researchers at Rapid7 said the Crimson Collective has been exploiting exposed AWS credentials to create privileged IAM users, export database and storage snapshots for exfiltration, and issue extortion demands; AWS recommended using short‑term, least‑privileged credentials and provided remediation guidance.
-
Unpatched OnePlus flaw lets rogue apps access SMS data, Rapid7 says
Rapid7 has disclosed an unpatched vulnerability in OnePlus OxygenOS that could allow rogue apps to access SMS data and metadata without user interaction, due to exposed content providers in the Telephony package. The flaw, CVE-2025-10184, affects OxygenOS 12 through 15 and remains unpatched as OnePlus investigates; a PoC exploit has been published.
-
Critical Security Flaw Found in Brother Printers Affects Millions of Devices
A critical security vulnerability in Brother printers, affecting hundreds of models, cannot be patched through firmware updates. Security firm Rapid7 has identified the flaw, which could allow attackers to generate default administrator passwords, prompting urgent action to mitigate risks.
