Blog | G5 Cyber Security

Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week

Last week, developers of the popular open-source content management system Drupal patched a critical remote code execution (RCE) vulnerability (CVE-2019-6340) in Drupal Core. The proof-of-concept exploit code for the vulnerability was made publicly available on the Internet just two days after the Drupal security team rolled out the patched version of its software. Now, security researchers at data center security vendor Imperva discovered a series of attacks against its customers’ websites using an exploit that leverages the vulnerability. The attacks originated from several attackers and countries have found targeting vulnerable Drupal websites.

Source: https://thehackernews.com/2019/02/drupal-hacking-exploit.html

Exit mobile version