There’s a cybersecurity risk in CMS Drupal that could leave nearly 1 million websites prone to a cyber attack. CMS Drupal is a free and open source content management framework that is written in PHP. Now, the team that designed Drupal is urging administrators to update their sites to ward off the bug.
Reports claim that the nasty bug could highly compromise these 1 million sites. The affected versions are Drupal 6, 7 and 8 and it has sited that this is a highly critical cybersecurity risk. It warns that nearly anyone visiting the site can easily hack into it.
In a blog post, the Drupal group said, “This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.”
In fact, an alert was sent last week about a “highly critical release” that would be released this weekend and that website admin should update it immediately. This left the developers and administrators on high alert.
The group has identified the bug as CVE-2018-7600. However, users on various social media are calling it drupalgeddon2 in reference to the major release from Drupal way back in 2014. Drupal has warned the websites to update to Drupal 7.58 or Drupal 8.5.1 as soon as possible to avoid any attack.
Indonesia bans access to Yahoo!, PayPal, and several gaming websites
Indian game-streaming platform Loco raises $42 million in latest funding round
U.S. sanctions $100 million sales for Taiwan missile upgrade
Mukesh Ambani’s Reliance Industries to buy the Mandarin Oriental in New York for $98 million
Xiaomi India slapped with $88 million notice for alleged tax evasion
© 2022 CIO Bulletin. All rights reserved.