Drupal remote code execution vulnerability exploited widely (SA-CORE-2018-004) - Lax security makes a dent in enterprise adoption aspirations?

Submitted by dryer on Thu, 04/26/2018 - 06:30

Drupal has had a bad first half of 2018 regarding security. Following Drupalgeddon 2 and the botnet exploits came a smaller update. This is now followed with a critical vulnerability (SA-CORE-2018-004) that allows remote code execution.

Drupalgeddon 2 Drupal vulnerability exploiting botnets emerge

Submitted by dryer on Thu, 04/19/2018 - 12:13

Several weeks after responsible hosters have patched their installations for Drupalgeddon 2, there are still many unpatched installations out there. Originally the vulnerabilities were unveiled in late March. After Checkpoint did their piece on uncovering Drupalgeddon 2, exploiters have activated on the issue.

Drupal Critical Vulnerabilities Exploit (SA-CORE-2018-002)

Submitted by dryer on Wed, 03/28/2018 - 18:09

Drupal is a content management system often used for Enterprise Content Management Projects. The tool is large and has integrated features such as a database entity system, which leaves it open to lots of attack vectors because of the large API surface.Without a central authority like Acquia handling security updates, things can be difficult to patch and there will be vulnerable installs as was the case with Drupalgeddon in 2014.

Why is Drupal now the second most hated platform behind SharePoint?

Submitted by dryer on Fri, 03/16/2018 - 07:40

The annual Stack Overflow Developer Survey Results are in for 2018. The world's leading developer platform draws together unique insight on the technology landscape from over a 100,000 developers. The trends are continually changing in the technology world.

Universal JavaScript Frameworks

Submitted by dryer on Wed, 01/10/2018 - 12:15

Universal JavaScript Frameworks are a trending technology, which is useful especially in cases where you need best possible performance and best SEO visibility. Universal (or Isomorphic) JavaScript that runs both on a Node.js powered server and on the users' browser or another machine, like GoogleBot, rendering HTML.


GraphQL, React and Next.js for Drupal developers

Submitted by dryer on Fri, 10/06/2017 - 19:06

Drupal is a popular enterprise grade Content Management System (CMS) that has traditionally been built around the PHP server side programming language. In addition Drupal also adopted jQuery and Backbone JavaScript libraries relatively early. With Drupal 8 finally bringing Drupal up-to-par on heavyweight Object Oriented Programming methodologies, it is now a more worthy contender to systems built with enterprise grade tools written in Java and .NET.

When Open Source gets weird: The Dark secrets of Drupal?

Submitted by dryer on Tue, 07/18/2017 - 21:48

Earlier this year the Drupal community was shaken when the Project Leader Dries Buytaert decided to expell the lead developer Larry Garfield from the project, based on accusations of somewhat weird BDSM play. Backstory: BDSM sex rocks Drupal world: Top dev banished for sci-fi hanky-panky

Tracking Drupal usage in 2017 and future market share with Google Trends and the Drupal Registry

Submitted by dryer on Tue, 05/09/2017 - 12:38


In the recent times there has been much said about the market share of Drupal and where it is moving. It is clear now that Drupal will never match the prowess that WordPress can claim, but it is still interesting to see where the powerful Open Source CMS will move in the future regards in volume.