This just arrived in email from wordfence.com. If you use Drupal or know someone who does, the Drupal patches need to be applied immediately to prevent / stop remote code execution attacks.
A more detailed overview of upgrade recommendations from the Drupal security team is available on Drupal.org. They have also published a detailed FAQ. This attack has been nicknamed “Drupalgeddon 2.” The previous Drupalgeddon was as high in severity as this, and had automated attacks against unpatched Drupal sites within a matter of hours after the public announcement of the vulnerability was made.
—<snip>—
Comments are closed