CSOonline

Researchers map Drupal attack that bypasses poorly tuned Web Application Firewalls

“Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement… You should proceed under the assumption that every Drupal 7 ...
CSOonline

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...