Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Japanese electricity giant apologises after physical drive with data of 10.9 million clients goes missing
June 12, 2026
A Japanese energy giant has apologised after losing a physical storage drive containing the data on millions of its clients. Workers for Kyushu Electric Power Co. apparently mislaid the drive, which had been left in an unlocked cabinet, the company explained in an official announcement. The drive allegedly contained information on up to 10.9 million accounts, including customer ...
- Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
June 12, 2026
Pharmaceutical giant Novo Nordisk says data related to clinical trial participants was stolen as part of a cyberattack. The affected patient data was pseudonymized and not directly linked to names or other direct identifiers, the company said. The maker of the Wegovy weight-loss drug said the affected data types include patient ID, information on trial participation, gender, ...
- More than 12,000 servers supported a coordinated phishing infrastructure worldwide
June 11, 2026
When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be. An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in 55 countries. These phishing emails are tied to fake financial rewards and similar scams, using tactics designed ...
- Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime
June 11, 2026
The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, ...
- Oracle warns of security bug that hackers abused to breach 100+ companies
June 11, 2026
Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign. The company published the security advisory on Thursday after the hacking group ShinyHunters ...
- Data of 2.4 million VRChat users stolen
June 11, 2026
VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach. According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, 2026. The access happened in VRChat’s cloud environment and involved user profile and login-related data. Read more… Source: ...