Joomla Re-Issues Security Update After Patches Glitch
A security update for the Joomla content management system was pulled and re-issued after problems with the first set of patches for a remote file inclusion and denial of service vulnerability were...
View ArticleDrupal Patches Denial of Service Vulnerability; Details Disclosed
Drupal has released a patched a denial of service and account hijacking vulnerability, details of which were disclosed by the researchers who discovered the issue.
View ArticlePHP Applications, WordPress Subject to Ghost glibc Vulnerability
Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc.
View ArticleAttacks Ramp Up Against Joomla Zero Day
Researchers at Sucuri said attacks against a zero-day vulnerability in Joomla, which has been patched, have accelerated since the weekend.
View ArticleWordPress 4.4.1 Update Resolves XSS Vulnerability
Developers at WordPress are warning users of the content management system to download and apply the most recent update, pushed yesterday, to address a cross-site scripting vulnerability.
View ArticleDrupal Update Fixes 10 Vulnerabilities, One Critical
Drupal addressed 10 vulnerabilities in the CMS this week, including a critical access bypass issue and another issue that could lead to remote code execution.
View ArticleDrupal Fixes ‘Moderately Critical’ Vulnerabilities in Core Engine
Drupal fixed a handful of issues in version 7 and 8 of the content management system core engine that could have led to cache poisoning, social engineering attacks, and a denial of service condition.
View ArticleDrupal Closes Access Bypass Vulnerability in Core Engine
Drupal released a point update for its core engine to patch a critical access bypass vulnerability.
View ArticleDrupal Forewarns ‘Highly Critical’ Bug to be Patched Next Week
Drupal is giving developers ample time to prepare for an update that patches a “highly critical” flaw because exploits might be developed within hours or days of disclosure.
View ArticleNew Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot.
View Article