- Security Fixes and Improvements
- By Ionut Ilascu
- March 19th, 2015
Drupal Security Update Fixes Password Reset Flaw
Vulnerabilities are considered moderately critical
- Incidents
- By Ionut Ilascu
- October 31st, 2014
RIG Exploit Kit Used in Drupal CMS Exploit Incidents
Malicious toolkit is hosted on machine located in Russia
- Advisories
- By Ionut Ilascu
- October 30th, 2014
All Unpatched Drupal 7 Versions Should Be Assumed Compromised
Hundreds of thousands of websites run on Drupal
- Security Fixes and Improvements
- By Ionut Ilascu
- October 16th, 2014
Highly Critical SQL Injection Flaw in Drupal Is Easy to Exploit, Leveraged in the Wild
Installing the patched version is an urgent matter
- Security Fixes and Improvements
- By Ionut Ilascu
- August 7th, 2014
WordPress and Drupal Fix Common PHP XML Parser Vulnerability
Security teams cooperate and release improved versions of their CMS solution
- Security Blog
- By Ionut Ilascu
- July 17th, 2014
Critical Vulnerabilities Fixed in Drupal 7.29 and 6.32
Potential attackers could gain access to sensitive data
- Security Blog
- By Eduard Kovacs
- April 17th, 2014
Drupal 7.27 and 6.31 Released to Fix Information Disclosure Vulnerability
Users are advised to update their installations as soon as possible
- Security Blog
- By Eduard Kovacs
- January 16th, 2014
Highly Critical Vulnerability Fixed with the Release of Drupal 7.26 and 6.30
The releases don't contain any new features or functionality bug fixes
- Security Blog
- By Eduard Kovacs
- November 22nd, 2013
Drupal 7.24 and 6.29 Released to Fix Several Vulnerabilities
No new features or bug fixes are included in the releases
- Security Blog
- By Eduard Kovacs
- November 19th, 2013
Security App of the Week: Security Kit for Drupal
The module offers protection against clickjacking, XSS, and CSRF attacks
- Web Blog
- By Catalin Cimpanu
- November 9th, 2013
Script of the Day: Drupal Commerce
An open source e-commerce framework for Drupal sites
- Security Blog
- By Eduard Kovacs
- October 22nd, 2013
Security App of the Week: Spam Blackhole for Drupal
Send all spam submissions to a domain that doesn't exist
- Web Blog
- By Catalin Cimpanu
- October 14th, 2013
Script of the Day: Social Share
A Drupal module for adding social sharing features to any page
- Hacking News
- By Eduard Kovacs
- May 30th, 2013
Drupal.org Hacked, User Passwords Compromised
The attackers have leveraged a vulnerability in third-party software
- Security Blog
- By Eduard Kovacs
- February 21st, 2013
Drupal 7.20 Released to Address DOS Vulnerability
Non-security fixes or new features are not included in the release
- Security Blog
- By Eduard Kovacs
- January 17th, 2013
Drupal 7.19 and 6.28 Released to Address XSS, Access Bypass Flaws
Users are advised to update their installations as soon as possible
- Security Blog
- By Eduard Kovacs
- December 20th, 2012
Drupal 7.18 and 6.28 Released to Address Security Vulnerabilities
Users are advised to apply the updates immediately