Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudflare using Web Application Firewall (WAF) rules ...

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...

Hundreds of sites vulnerable to ‘Drupalgeddon 2.0’ have been impacted by a massive cryptomining campaign. UPDATE – Hundreds of websites running on the Drupal content management system – including ...

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.

Developers of popular open source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The new bug affects all sites running on ...

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions. "According to the regular ...

Developers of popular open-source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The bug affects all sites running on Drupal ...

Drupal is a CMS designed to allow non-technical users to update it's content. It's very likely many of these servers are completely unmaintained and the people who run the sites they are running on ...

In a year filled with horrible security blunders we may have a winner for worst of the year with eight weeks still to go. We knew two weeks ago when the Drupal team disclosed a really, really bad SQL ...