Collaborate Disseminate
Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code.
Two weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbe… Continue reading Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday
The Drupal Project has released patches for a highly critical vulnerability that affects all supported versions of the popular CMS, is very easy to exploit and can lead to a complete compromise of affected websites. The vulnerability, which the Drupal… Continue reading Drupal Websites at Risk Due to Highly Critical Vulnerability
Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. Continue reading Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable
A highly critical security patch was released on Wednesday for the popular Drupal content management system, which powers some of the world’s most visited websites. The message from the developers is simple: Drop everything and patch now. Update now — Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002 — https://t.co/uwzodrmegc — Drupal Security (@drupalsecurity) March 28, 2018 The new update fixes a remote code execution vulnerability that “potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.” All it takes is for an anonymous user to visit a targeted page and they can see, modify and delete private data. No attacks have been detected yet, but the Drupal team and experts believe they will commence in short order. Given the severity of the issue, the Drupal team has provided updates to older versions of the software it had stopped supporting. […]
The post ‘Highly critical’ Drupal security flaw prompts urgent patch appeared first on Cyberscoop.
Continue reading ‘Highly critical’ Drupal security flaw prompts urgent patch
The Spanish National Police has arrested the suspected leader of a cybercriminal gang that stole more than €1 billion from financial institutions in more than 40 countries. The gang has been operating since 2013 and has hit more than 100 financial in… Continue reading Spanish Authorities Arrest Leader of Cybercriminal Gang Behind €1 Billion Heist
DRUPAL-PSA-2018-001 was released recently.
Does anyone have any idea what the vulnerability being patched is?
Drupal is giving developers ample time to prepare for an update that patches a “highly critical” flaw because exploits might be developed within hours or days of disclosure. Continue reading Drupal Forewarns ‘Highly Critical’ Bug to be Patched Next Week
This week, Paul reports on Intel, Drupal, Bitcoin, and Microsoft! Jason Wood joins us for the expert commentary, and more on this episode of Hack Naked News! News Intel ships (hopefully stable) microcode for Skylake, Kaby Lake, Coffee Lake – I re… Continue reading Israel, Intel, Steve Wozniak, and Suing Microsoft – Hack Naked News #163
As more and more Coinhive clones continue popping up, chances of users’ CPU power being hijacked for cryptocurrency mining are rising. According to Malwarebytes’ latest figures, their AV solution blocked an average of 8 million cryptojacking attempts per day from late September to late October. And that’s just the attempts tied to Coinhive domains and proxies! Censys’s search engine reveals that nearly 900 of the top one million most visited sites runs the Coinhive script. … More → Continue reading The Wild West of drive-by cryptocurrency mining
A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.
Continue reading Drupal Patches Critical Access Bypass in Core Engine