PC World

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...
PC World

Drupal users: Assume your site was hacked if you didn’t apply Oct. 15 patch immediately

Users of Drupal, one of the most popular content management systems, should consider their sites compromised if they didn’t immediately apply a security patch released on Oct. 15. The unusually ...
ZDNet

Drupal critical flaw: Patch this remote code execution bug urgently, websites warned

The bug was considered serious enough for Drupal's security team to warn admins a day in advance of Wednesday's patch release to reserve time to address the bug. Drupal is the third most popular CMS ...
Bleeping Computer

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...