Thousands of Drupal Sites Still Affected by Critical Flaw

According to a new analysis by released last Tuesday by Troy Mursch of Bad Packets Report, there are still hundreds of thousands of servers and websites affected by a critical flaw in Drupal 6 and later versions which attackers can exploit to access and edit private data.

Mursch further revealed that around 1,885 sites affected by the Drupalgeddon 2 bug are in Alexa’s top 1 million. He also found that the Drupal website of a police department in Belgium had been affected by a cryptojacking campaign. Similarly, researcher Scott Helme also discovered a mining code running on NHS England’s Drupal website.  

Source: ZDNet