New Muhstik Botnet Attacks Target Tomato RoutersJanuary 22, 202000381Palo Alto Networks’ Unit 42 researchers observed a variant of the wormlike botnet that adds scanner technology to brute-force Web authentication.[ Read More ]
Serious Phar Flaw Allows Arbitrary Code Execution on DrupalMay 9, 201900366Drupal, Typo3 and Joomla are all impacted by the bug.[ Read More ]
Highly Critical Drupal RCE Flaw Affects Millions of WebsitesFebruary 21, 201900406Admins should update immediately to fix a remote code-execution vulnerability.[ Read More ]
ThreatList: WordPress Vulnerabilities Tripled in 2018January 9, 201900478Despite fewer plugins being added to WordPress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018.[ Read More ]
EU Offers Bug Bounties For 14 Open Source ProjectsJanuary 2, 201900472As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.[ Read More ]
Cryptojacking Attack Targets Make-A-Wish Foundation WebsiteNovember 19, 201800515Hackers took advantage of an unpatched Drupal vulnerability in the organization’s website to launch a cryptojacking attack.[ Read More ]
Two Critical RCE Bugs Patched in Drupal 7 and 8October 20, 201800532Drupal’s advisory also included three patches for “moderately critical” bugs.[ Read More ]
As End of Life Nears, More Than Half of Websites Still Use PHP V5October 16, 201800549Support for PHP 5.6 drops on December 31 – but a recent report found that almost 62 percent of websites are still using version 5.[ Read More ]
Drupalgeddon 2.0 Still Haunting 115K+ SitesJune 5, 201800520More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago.[ Read More ]
Muhstik Botnet Exploits Highly Critical Drupal BugApril 23, 201800589A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March.[ Read More ]