Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited shortly after its disclosure.

The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update ...

Drupal, the popular open-source content management system used by hundreds of thousands of blogs and websites, has reset the passwords of its Drupal.org users following a data security breach of the ...

Drupal has released a security update to address a critical vulnerability in a third-party library with documented or deployed exploits available in the wild. "The Drupal project uses the pear Archive ...

Earlier this month at Drupalcon, the Drupal Security Team held a Birds of a Feather (BOF) session on how to improve communication. One of the outcomes was to make it clearer which security advisories ...

The Drupal Association explained in a notice that hackers were able to get into the system via a known vulnerability inside third-party software that was installed on the Drupal.org server ...

The message today to the millions of users of WordPress and Drupal content management systems: Fire up those security updates. The web content management system (CMS) providers released security ...

Drupal has issued a security update which resolves three security flaws, two of which are deemed critical. Earlier this week, the open-source website content management system (CMS) released a ...

Drupal issued a security advisory of four critical vulnerabilities rated from moderately critical to critical. The vulnerabilities affect Drupal versions 9.3 and 9.4. The security advisory warned that ...