Drupal developers on Wednesday informed users that updates released for Drupal 8.9, 9.1 and 9.2 patch five vulnerabilities that can be exploited for cross-site request forgery (CSRF) and access bypass.
Source: Read More (SecurityWeek RSS Feed)
You might be interested in …
[TheRecord] White House sees ‘sign’ in new ransomware group’s pledge
A senior White House official on Wednesday said remarks by a new Russia ransomware gang that it wouldn’t target U.S. critical infrastructure is a sign that the administration’s calls for the Kremlin to crack down on cybercriminals is working. In an interview with a Recorded Future analyst published by The Record, representatives from BlackMatter — […]
[TheRecord] FBI warns of credential stuffing attacks against grocery and food delivery services
The FBI says that hackers are using credential stuffing attacks to hijack online accounts at grocery stores, restaurants, and food delivery services in order to drain user funds through fraudulent orders and to steal personal or financial data. The warning comes via an FBI Private Industry Notification the agency’s Cyber Division sent last week to […]
[BleepingComputer] Comcast now blocks BGP hijacking attacks and route leaks with RPKI
Comcast, one of America’s largest broadband providers, has now deployed RPKI on its network to defend against BGP route hijacks and leaks. Left unchecked, a BGP route hijack or leak can cause a drastic surge in internet traffic that now gets misdirected or stuck, leading to global congestion and a Denial of Service (DoS). […] Source: Read […]