Ars Technica

Drupal users take cover—code-execution bug is being actively exploited [updated]

Malicious hackers wasted no time exploiting a critical bug in the Drupal content management system that allows them to execute malicious code on website servers. Just hours after maintainers of the ...
Bleeping Computer

Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers

Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw. According to multiple sources, ...