Threat Post

Muhstik Botnet Exploits Highly Critical Drupal Bug

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...
Dark Reading

New Drupal Exploit Mines Monero for Attackers

A newly discovered vulnerability in Drupal has been exploited to turn infected systems into Monero mining bots. Worse, the vulnerability could easily be exploited to do far more than simply steal ...
Ars Technica

Many websites threatened by highly critical code-execution bug in Drupal

Sites that run the Drupal content management system run the risk of being hijacked until they’re patched against a vulnerability that allows hackers to remotely execute malicious code, managers of the ...
Bleeping Computer

Cloudflare Deploys Firewall Rule to Block New Drupal Exploits

Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudflare using Web Application Firewall (WAF) rules ...
ZDNet

It took hackers only three days to start exploiting latest Drupal bug

Three days --that's the time it took hackers to start launching attacks against Drupal sites using an exploit for a security flaw the CMS project patched last week. The attacks, detected by web ...
Homeland Security Today

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or ...
Dark Reading

Speed at Which New Drupal Flaw Was Exploited Highlights Patching Challenges

The speed at which malicious attackers recently exploited a remote code execution flaw in the Drupal content management system (CMS) should serve as fresh warning about the need for organizations to ...