PC World

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...
Threat Post

Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable

Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. Drupal released a patch for a “highly critical” flaw in versions 6, 7 and 8 of its CMS ...
Bleeping Computer

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...
Bleeping Computer

Two Months Later, Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon 2

Two months after the Drupal project released a patch for a highly critical security flaw, there are over 115,000 Drupal sites that have failed to install the fix and are now at the mercy of ...