The Australian Cyber Security Centre (ACSC) has released new guidelines to assist organizations in securing Content Management Systems (CMS). The guidelines include good mitigation advice in areas of patching, account management, hardening and monitoring to name a few.
Cyber attackers are exploiting an older Drupal remote code execution vulnerability CVE-2018-7600 dubbed Drupalgeddon2.
WordPress 5.2.3 Security and Maintenance Release is now out. The update includes 29 feature enhancements and fixes, as well as security fixes.
Drupal has released a security update to address a critical vulnerability in Drupal 8.7.4 Workspaces module.
Cyber attackers have compromised hundreds of CMS sites running WordPress or Joomla to serve up Shade ransomware and phishing pages in the wild.
Security researchers have uncovered a malware campaign that has compromised thousands of websites running popular content management systems (CMS), such as WordPress, Joomla and Squarespace.