PC World

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...
Government Technology

Why Big Sites Run Drupal

For the Georgia Technology Authority (GTA), the decision to dump its aging content management system (CMS) was easy. Running 65 state government websites on two different versions of proprietary ...
Linux Journal

Drupal Is a Framework: Why Everyone Needs to Understand This

Everyone planning and building Web solutions with Drupal benefits from understanding what a "hook" is—and why Drupal is not a CMS. One of the greatest challenges that Drupal adopters face, whether ...
Bleeping Computer

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...
ZDNet

Drupal sites vulnerable to double-extension attacks

The team behind the Drupal content management system (CMS) has released this week security updates to patch a critical vulnerability that is easy to exploit and can grant attackers full control over ...
Bleeping Computer

Two Months Later, Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon 2

Two months after the Drupal project released a patch for a highly critical security flaw, there are over 115,000 Drupal sites that have failed to install the fix and are now at the mercy of ...
CSOonline

Drupal sites at risk due to insecure update mechanism

The update mechanism of the popular Drupal content management system is insecure in several ways, allowing attackers to trick administrators into installing malicious updates. Researcher Fernando ...