Drupal
Drupal Core: Behind the Vulnerability
Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several ...
Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers
Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in ...
Drupal Patches Highly Critical Remote Code Execution Vulnerability
Websites based on the Drupal content management system might be affected by a highly critical vulnerability that could result in remote code execution. The vulnerability affects websites running Drupal 8 with RESTful ...
DirtyCOW Bug Drives Attackers to A Backdoor in Vulnerable Drupal Web Servers
In this post we’ll unpack a short — but no less serious — attack that affected some Linux-based systems, on October 31. Throughout the campaign, the attacker used a chain of vulnerabilities ...
Drupal Patches Critical Remote Code Execution Flaws
The popular Drupal content management system received fixes for five serious vulnerabilities that allow for remote code execution and could help hackers break into websites. Two of the patched vulnerabilities are rated critical ...
How to secure your content management system
Popular content management systems are easy to install and use. But how easy is it to keep them secure? Categories: Security world Technology Tags: CMSCMS securitycontent management systemsdrupalJoomlawordpress (Read more...) The post ...
A look into the Drupalgeddon client-side attacks
Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers. Categories: Cryptomining Threat analysis Tags: CMScontent management systemsdrupaldrupalgeddonmalicious cryptomining (Read more...) The post A look into the Drupalgeddon client-side attacks appeared ...
Kitty malware gets its claws into Drupal websites to mine Monero
Websites running vulnerable versions of the Drupal content management system are being targeted by the latest incarnation of the Kitty malware family. The post Kitty malware gets its claws into Drupal websites ...
Critical Drupal vulnerability now being exploited in the wild; users urged to patch ASAP
The Drupal security team is urging users of its open-source content management platform to update the core software, or at the very least install the latest patches, as hackers are now actively ...
Police Shut Down Largest DDoS-for-Hire Marketplace
A large marketplace that allowed users to rent distributed denial-of-service (DDoS) infrastructure from hackers has been shut down following a global law enforcement operation led by police agencies from the Netherlands and ...
