Security News

New Drupal RCE vulnerability under active exploitation, patch ASAP!
2018-04-26 15:05

Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is being actively...

Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack
2018-04-26 12:48

Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the...

Drupal Patches New Flaw Related to Drupalgeddon2
2018-04-26 03:01

Drupal developers have released updates for versions 7 and 8 of the content management system (CMS) to address a new vulnerability related to the recently patched flaw known as Drupalgeddon2. read more

Third Critical Drupal Flaw Discovered—Patch Your Sites Immediately
2018-04-25 16:48

Damn! You have to update your Drupal websites. Yes, of course once again—literally it’s the third time in last 30 days. As notified in advance two days back, Drupal has now released new versions...

Drupal admins: Get ready for emergency out-of-band patch for critical vulnerability
2018-04-24 12:12

Drupal's first patch for the 'Drupalgeddon 2' apparently proved insufficient, prompting a timed release of another patch on Wednesday.

Drupal to Release Second Drupalgeddon2 Patch as Attacks Continue
2018-04-24 04:14

Drupal developers announced on Monday that versions 7.x, 8.4.x and 8.5.x of the content management system (CMS) will receive a new security update later this week. read more

Muhstik Botnet Exploits Highly Critical Drupal Bug
2018-04-23 22:13

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March.

Drupal 8 Updated to Patch Flaw in WYSIWYG Editor
2018-04-19 11:41

Updates released on Wednesday for Drupal 8 patch a moderately critical cross-site scripting (XSS) vulnerability affecting a third-party JavaScript library. The flaw impacts CKEditor, a WYSIWYG...

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately
2018-04-19 07:33

It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to...

Hackers Exploiting Drupal Vulnerability to Inject Cryptocurrency Miners
2018-04-18 10:03

The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware...