A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...

Drupal’s advisory also included three patches for “moderately critical” bugs. Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting ...

Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudflare using Web Application Firewall (WAF) rules ...

A newly discovered vulnerability in Drupal has been exploited to turn infected systems into Monero mining bots. Worse, the vulnerability could easily be exploited to do far more than simply steal ...

The Drupal CMS team has released a security update to address a critical severity access bypass vulnerability in the CMS' core component that could allow attackers to take control of impacted sites.