Drupal
Drupal security challenges faced by developers | Contrast Security
Drupal is a PHP-based, fully accessible web content management system (CMS) offered under the terms of the General Public License. A minimum 14% of the top 10,000 websites worldwide and 1.2% of ...
Drupal Core: Behind the Vulnerability
Earlier this year, the Checkmarx Security Research Team conducted an investigation of the new version of Drupal Core (Drupal 9) – a content management system (CMS) written in PHP – uncovering several ...
Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers
Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in ...
Drupal Patches Highly Critical Remote Code Execution Vulnerability
Websites based on the Drupal content management system might be affected by a highly critical vulnerability that could result in remote code execution. The vulnerability affects websites running Drupal 8 with RESTful ...
DirtyCOW Bug Drives Attackers to A Backdoor in Vulnerable Drupal Web Servers
In this post we’ll unpack a short — but no less serious — attack that affected some Linux-based systems, on October 31. Throughout the campaign, the attacker used a chain of vulnerabilities ...
Drupal Patches Critical Remote Code Execution Flaws
The popular Drupal content management system received fixes for five serious vulnerabilities that allow for remote code execution and could help hackers break into websites. Two of the patched vulnerabilities are rated critical ...
How to secure your content management system
Popular content management systems are easy to install and use. But how easy is it to keep them secure? Categories: Security world Technology Tags: CMSCMS securitycontent management systemsdrupalJoomlawordpress (Read more...) The post ...
A look into the Drupalgeddon client-side attacks
Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers. Categories: Cryptomining Threat analysis Tags: CMScontent management systemsdrupaldrupalgeddonmalicious cryptomining (Read more...) The post A look into the Drupalgeddon client-side attacks appeared ...
Kitty malware gets its claws into Drupal websites to mine Monero
Websites running vulnerable versions of the Drupal content management system are being targeted by the latest incarnation of the Kitty malware family. The post Kitty malware gets its claws into Drupal websites ...
Critical Drupal vulnerability now being exploited in the wild; users urged to patch ASAP
The Drupal security team is urging users of its open-source content management platform to update the core software, or at the very least install the latest patches, as hackers are now actively ...