Security News > 2018 > April > Hackers Exploiting Drupal Vulnerability to Inject Cryptocurrency Miners
2018-04-18 10:03
The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware backdoors and cryptocurrency miners. Drupalgeddon2, a highly critical remote code execution vulnerability discovered two weeks ago in Drupal content management system software, was recently patched by the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/MD2BV_vaXf8/drupal-cryptocurrency-hacking.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-29 | CVE-2018-7600 | Improper Input Validation vulnerability in multiple products Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. | 7.5 |