CSOonline

Researchers map Drupal attack that bypasses poorly tuned Web Application Firewalls

Late last year, CSO Online reported on a vulnerability in Drupal that could have left thousands of websites compromised. Last week, researchers examined the attack in more detail, measuring the time ...
CSOonline

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...