Collaborate Disseminate
Computer hackers are abusing the CVE-2018-7600 Drupal vulnerability using a new exploit called Drupalgeddon2 to take down sites. The attacks target site instances running versions 6,7 and 8 of Drupal and use the same security vulnerability which was ad… Continue reading CVE-2018-7600 Drupal Bug Used in New Attack
The sophisticated VPNFilter botnet that enslaved more than 500,000 routers and network-attached storage (NAS) devices is capable of infecting more devices than initially believed. The initial reports about VPNFilter identified 16 device models from Li… Continue reading VPNFilter Targets More Devices Than Initially Reported
More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago. Continue reading Drupalgeddon 2.0 Still Haunting 115K+ Sites
A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Continue reading Muhstik Botnet Exploits Highly Critical Drupal Bug
Ever since March 28th, when Drupal published a patch for a RCE named Drupalgeddon 2.0 (SA-CORE-2018-002/CVE-2018-7600), Imperva has been monitoring our cloud looking for hackers’ attempts to exploit the vulnerability, but found nothing. Until tod… Continue reading Drupalgeddon 2.0: Are Hackers Slacking Off?
Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. Continue reading Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable