
CISA warns of exploited Drupal bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a critical SQL injection vulnerability in the Drupal CMS. The flaw is being actively exploited, prompting CISA to set a tight deadline for government servers to be secured against potential attacks.

