Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudflare using Web Application Firewall (WAF) rules ...

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...

In a year filled with horrible security blunders we may have a winner for worst of the year with eight weeks still to go. We knew two weeks ago when the Drupal team disclosed a really, really bad SQL ...

Hundreds of sites vulnerable to ‘Drupalgeddon 2.0’ have been impacted by a massive cryptomining campaign. UPDATE – Hundreds of websites running on the Drupal content management system – including ...

Developers of popular open-source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The bug affects all sites running on Drupal ...

Developers of popular open source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The new bug affects all sites running on ...

Drupal has released emergency security updates to address a critical vulnerability with known exploits that could allow for arbitrary PHP code execution on some CMS versions. "According to the regular ...

Malicious hackers wasted no time exploiting a critical bug in the Drupal content management system that allows them to execute malicious code on website servers. Just hours after maintainers of the ...

RondoDox botnet exploited React2Shell to compromise IoT devices and Next.js servers over a nine-month global campaign.

Drupal is a CMS designed to allow non-technical users to update it's content. It's very likely many of these servers are completely unmaintained and the people who run the sites they are running on ...