Security News

A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over vulnerable Drupal...

Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability...

Security updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution. read more

PUT, PATCH, POST, PWNED! Website admins are today urged to update their Drupal installations following the disclosure of a potentially serious vulnerability in the web publishing software. And...

Open-source CMS gets a pair of critical fixes Drupal has issued a pair of updates to address two security vulnerabilities in its online publishing platform. The vulns are a little esoteric, and...

Updates released on Wednesday for Drupal 7, 8.5 and 8.6 address two potentially serious vulnerabilities that can be exploited for arbitrary code execution. read more

A recent attack targeted Drupal web servers with a chain of vulnerabilities that included the infamous Drupalgeddon2 and DirtyCOW flaws, Imperva security researchers say. The attack was short and...

Drupal website owners have some important patching homework to do.

Drupal's advisory also included three patches for "moderately critical" bugs.

Developers of the Drupal content management system (CMS) have patched several vulnerabilities in the 7 and 8 branches, including serious flaws that can be exploited for remote code execution. read more