In a year filled with horrible security blunders we may have a winner for worst of the year with eight weeks still to go. We knew two weeks ago when the Drupal team disclosed a really, really bad SQL ...

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Researchers are warning a recently discovered and highly critical vulnerability ...

Exploitation attempts of a highly critical vulnerability discovered in the Drupal content management software (CMS) on February 20 were blocked by Cloudflare using Web Application Firewall (WAF) rules ...

Drupal’s advisory also included three patches for “moderately critical” bugs. Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting ...

Drupal has released a security update to address a critical vulnerability in a third-party library with documented or deployed exploits available in the wild. "The Drupal project uses the pear Archive ...

Developers of popular open-source CMS Drupal are warning admins to immediately patch a flaw that an attacker can exploit just by visiting a vulnerable site. The bug affects all sites running on Drupal ...