Hackers Exploit Drupal Theme Vulnerability to Inject Malware on 5,000 Sites
A critical vulnerability in Drupal theme frameworks has been exploited to inject malware onto approximately 5,000 websites, compromising user data and...
Drupal Security Patch Released to Fix Critical Flaw Affecting Latest Versions
Drupal has released critical security patches to address severe vulnerabilities affecting the latest versions of the platform.
FBI Warns Drupal Site Owners About Active Exploitation of CVE-2026-4.8
An alleged FBI warning regarding CVE-2026-4.8 and active Drupal exploitation has circulated online, but extensive verification through official...
Drupal Sites Hit by Massive Botnet Attack Targeting Yoast SEO Specific Vulnerability
A massive botnet attack has specifically targeted Drupal sites running Yoast SEO, exploiting a vulnerability in how the plugin handles certain requests on...
New Zero Day Drupal Vulnerability Lets Hackers Take Over Sites in Seconds
A series of critical vulnerabilities discovered in Drupal core in 2026 poses significant risks to websites running affected versions, though the actual...
Drupal Plugin With 4.8 Million Installs Discovered to Have Backdoor Malware
A widely-installed Drupal plugin with millions of active deployments was recently found to contain malware code designed to give attackers backdoor access...
Critical Drupal Vulnerability Affects 4.8 Million Sites – Update Required Immediately
While a specific critical Drupal vulnerability affecting exactly 4.8 million sites has not been independently verified in official sources, multiple...
WordPress Vulnerability Database Adds 23 New CVEs This Month
Specific data about 23 new CVEs added to the WordPress Vulnerability Database in May 2026 is not yet widely available, as monthly vulnerability statistics...
Researchers Find 3 Critical Flaws in Popular UpdraftPlus Plugin Used by 12.5 Million Sites
Researchers have identified three critical security vulnerabilities in UpdraftPlus, the WordPress backup and migration plugin trusted by approximately 12.
WordPress Admin Accounts Sold on Dark Web for $780 Each According to Report
Reports of WordPress admin accounts being sold on dark web marketplaces reflect a significant and ongoing threat to website owners.