See what we're thinking about, working on, & blogging about.

Explore the latest insights, ideas, & opinions from our talented team of experts & researchers.

Subscribe Now

Get our latest Rapid Responses, insights, and blogs delivered directly to your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Rapid Response
How to find Progress MOVEit Transfer installations on your network
June 25, 2025
Progress software disclosed two new vulnerabilities in their MOVEit Gateway product. Here's how to find affected services on your network.
Rapid Response
How to find Aviatrix Controller on your network
June 24, 2025
Mandiant recently disclosed two vulnerabilities in Aviatrix Controller. Here's how to find affected assets on your network.
runZero Research
CVE chaos, MCPs, and the fight for better vulnerability data: a recap of runZero Hour 19
June 24, 2025
On our latest episode of runZero Hour I sat down with Rob King and Jerry Gamblin, Principal Engineer at Cisco, to dig into the state of...
Rapid Response
How to find Langflow installations on your network
June 18, 2025
A vulnerability in Langflow is actively being exploited as part of the Flodrix botnet. Here's how to find potentially vulnerable installs.
runZero Perspective
NSA proposes common-sense fixes to OT security standards
June 17, 2025
NSA has recommended six common-sense security controls for OT/ICS smart controllers in NSS. Learn what they are, why they matter and how runZero...
Product
runZero loves open source: integrating Nuclei
June 11, 2025
runZero now integrates with the open source Nuclei scanner to detect default logins across IoT, OT, IT, and DevOps apps like Tomcat, Jenkins,...
Rapid Response
How to find Roundcube Webmail on your network
June 4, 2025
A Roundcube Webmail vulnerability would allow a remote, authenticated attacker to perform RCE due to deserialization of untrusted data.
runZero Perspective
The Role of total attack surface visibility in M&A
June 3, 2025
With M&A, security teams must rapidly uncover risks. See why legacy tools fall short and how runZero ensures a secure transition.
Rapid Response
How to find ScreenConnect installations
June 2, 2025
Certain versions of ConnectWise ScreenConnect may be susceptible to ViewState code injection attacks in ASP.NET Web Forms.
Rapid Response
How to find WeidmĂĽller Industrial Ethernet switches on your network
May 28, 2025
Multiple vulnerabilities have been disclosed in certain models and versions of WeidmĂĽller Industrial Ethernet switch firmware.
Rapid Response
How to find potentially compromised ASUS routers in your network
May 28, 2025
ASUS routers exposed to the public Internet are being compromised, with backdoors being installed. Here's how to find impacted assets on your network.
runZero Perspective
Not just the score: why EPSS volatility might be the signal you’re missing
May 27, 2025
We fixate on the number, but the change — the volatility — often reveals more than the number itself. That's where the real signal may lie.