Bleeping Computer

Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers

Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw. According to multiple sources, ...
Bleeping Computer

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...
Threat Post

Muhstik Botnet Exploits Highly Critical Drupal Bug

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...
Dark Reading

Speed at Which New Drupal Flaw Was Exploited Highlights Patching Challenges

The speed at which malicious attackers recently exploited a remote code execution flaw in the Drupal content management system (CMS) should serve as fresh warning about the need for organizations to ...
Threat Post

Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable

Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. Drupal released a patch for a “highly critical” flaw in versions 6, 7 and 8 of its CMS ...
Ars Technica

Drupal users take cover—code-execution bug is being actively exploited [updated]

Malicious hackers wasted no time exploiting a critical bug in the Drupal content management system that allows them to execute malicious code on website servers. Just hours after maintainers of the ...