ZDNet

A year after patch, Drupalgeddon2 is still being employed in cybercriminal attacks

A remote code execution (RCE) vulnerability patched over a year and a half ago is still being actively employed in attacks against high-profile websites. According to cybersecurity researchers from ...
Bleeping Computer

Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...