#drupal — Public Fediverse posts

Sigh, and again the damn thing refuses to do what it is told to do. #drupal #composer #upgrade

Day one of #DrupalPivot in Boston wrapped up with high energy, dynamic conversations, and the unique collaborative spirit that only an unconference can bring. 🙌

A huge #DrupalThanks to our sponsors, Acquia and Sevaa Group, and to all the attendees who brought their ideas and enthusiasm to the table today. Looking forward to what day two brings!

#Drupal #UnConference #OpenSource

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use PostgreSQL.

https://www.heise.de/en/news/Patch-now-Attackers-exploiting-critical-malicious-code-vulnerability-in-Drupal-11306097.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use PostgreSQL.

https://www.heise.de/en/news/Patch-now-Attackers-exploiting-critical-malicious-code-vulnerability-in-Drupal-11306097.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use PostgreSQL.

https://www.heise.de/en/news/Patch-now-Attackers-exploiting-critical-malicious-code-vulnerability-in-Drupal-11306097.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use PostgreSQL.

https://www.heise.de/en/news/Patch-now-Attackers-exploiting-critical-malicious-code-vulnerability-in-Drupal-11306097.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use PostgreSQL.

https://www.heise.de/en/news/Patch-now-Attackers-exploiting-critical-malicious-code-vulnerability-in-Drupal-11306097.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

Angreifer haben es derzeit auf mit dem CMS Drupal erstellte Websites abgesehen. Seiten sind aber nur verwundbar, wenn sie PostgreSQL nutzen.

https://www.heise.de/news/Jetzt-patchen-Angreifer-nutzen-kritische-Schadcode-Luecke-in-Drupal-aus-11305870.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

Angreifer haben es derzeit auf mit dem CMS Drupal erstellte Websites abgesehen. Seiten sind aber nur verwundbar, wenn sie PostgreSQL nutzen.

https://www.heise.de/news/Jetzt-patchen-Angreifer-nutzen-kritische-Schadcode-Luecke-in-Drupal-aus-11305870.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

Angreifer haben es derzeit auf mit dem CMS Drupal erstellte Websites abgesehen. Seiten sind aber nur verwundbar, wenn sie PostgreSQL nutzen.

https://www.heise.de/news/Jetzt-patchen-Angreifer-nutzen-kritische-Schadcode-Luecke-in-Drupal-aus-11305870.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

Angreifer haben es derzeit auf mit dem CMS Drupal erstellte Websites abgesehen. Seiten sind aber nur verwundbar, wenn sie PostgreSQL nutzen.

https://www.heise.de/news/Jetzt-patchen-Angreifer-nutzen-kritische-Schadcode-Luecke-in-Drupal-aus-11305870.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

Angreifer haben es derzeit auf mit dem CMS Drupal erstellte Websites abgesehen. Seiten sind aber nur verwundbar, wenn sie PostgreSQL nutzen.

https://www.heise.de/news/Jetzt-patchen-Angreifer-nutzen-kritische-Schadcode-Luecke-in-Drupal-aus-11305870.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cyberangriff #Drupal #Exploit #IT #Patchday #Security #Sicherheitslücken #Updates #news

About a month ago, I posted about the "bottleneck" quote that Aidan Foster has now expanded on in this level-headed blog post about using AI: 🤖

https://www.drupal.org/about/ai/initiatives/blog/the-skills-that-matter-for-leaders-builders-and-doers-in-the-age-of-ai

Good stuff! 💪👏🧠

#Drupal #ai

New! Drupal 11: Building A Link Directory: Part 1

This is the first part in a series of articles looking at creating a link directory in Drupal.

In this article Phil goes through how he set up the link directory in Drupal, how links are added, and how the site is able to take screenshots of the links as they are added to the directory.

https://www.hashbangcode.com/article/drupal-11-building-link-directory-part-1
#drupal #drupalDevelopment #hashbangcode

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

This article originally appeared on The Fulcrum.

Welcome to this week’s The Programmer’s Fulcrum.

It’s your weekly curation of the essential news in the Open Media Network and Fediverse development communities with a focus on devastating big tech via Techno Anarchism.

As usual, we aim to provide actionable content you can use to destroy Techno Feudalism each week. It has the additional […]

Some helpful tips on adapting to Gitlab-based #Drupal issue queues from @ultimike on @drupaleasy - https://www.drupaleasy.com/quicktips/getting-comfortable-gitlab-and-drupal-issue-queue (and +1 to stating that the article is #AIFree!)

Some helpful tips on adapting to Gitlab-based #Drupal issue queues from @ultimike on @drupaleasy - https://www.drupaleasy.com/quicktips/getting-comfortable-gitlab-and-drupal-issue-queue (and +1 to stating that the article is #AIFree!)

Some helpful tips on adapting to Gitlab-based #Drupal issue queues from @ultimike on @drupaleasy - https://www.drupaleasy.com/quicktips/getting-comfortable-gitlab-and-drupal-issue-queue (and +1 to stating that the article is #AIFree!)

Some helpful tips on adapting to Gitlab-based #Drupal issue queues from @ultimike on @drupaleasy - https://www.drupaleasy.com/quicktips/getting-comfortable-gitlab-and-drupal-issue-queue (and +1 to stating that the article is #AIFree!)

Some helpful tips on adapting to Gitlab-based #Drupal issue queues from @ultimike on @drupaleasy - https://www.drupaleasy.com/quicktips/getting-comfortable-gitlab-and-drupal-issue-queue (and +1 to stating that the article is #AIFree!)

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

🚨 Drupal sites using PostgreSQL face a highly critical SQL injection vuln (CVE-2026-9082), risking RCE & data exposure. Patch versions 11.3, 11.2, 10.6, 10.5.x ASAP. Update Symfony & Twig too. No active exploitation yet. https://radar.offseq.com/threat/drupal-patches-highly-critical-vulnerability-expos-a1486e66 #OffSeq #Drupal #SQLInjection #Infosec

🚨 Drupal sites using PostgreSQL face a highly critical SQL injection vuln (CVE-2026-9082), risking RCE & data exposure. Patch versions 11.3, 11.2, 10.6, 10.5.x ASAP. Update Symfony & Twig too. No active exploitation yet. https://radar.offseq.com/threat/drupal-patches-highly-critical-vulnerability-expos-a1486e66 #OffSeq #Drupal #SQLInjection #Infosec

🚨 Drupal sites using PostgreSQL face a highly critical SQL injection vuln (CVE-2026-9082), risking RCE & data exposure. Patch versions 11.3, 11.2, 10.6, 10.5.x ASAP. Update Symfony & Twig too. No active exploitation yet. https://radar.offseq.com/threat/drupal-patches-highly-critical-vulnerability-expos-a1486e66 #OffSeq #Drupal #SQLInjection #Infosec

🚨 Drupal sites using PostgreSQL face a highly critical SQL injection vuln (CVE-2026-9082), risking RCE & data exposure. Patch versions 11.3, 11.2, 10.6, 10.5.x ASAP. Update Symfony & Twig too. No active exploitation yet. https://radar.offseq.com/threat/drupal-patches-highly-critical-vulnerability-expos-a1486e66 #OffSeq #Drupal #SQLInjection #Infosec

Drupal Flaw Exposes PostgreSQL Sites to Remote Code Execution Attacks

A vulnerability in Drupal Core's database abstraction API leaves PostgreSQL sites open to devastating SQL injection attacks, allowing hackers to send malicious requests and wreak havoc. This highly critical flaw, tracked as CVE-2026-9082, has been patched with urgent security updates.

https://osintsights.com/drupal-flaw-exposes-postgresql-sites-to-remote-code-execution-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #RemoteCodeExecution #Postgresql #Drupal #Cve20269082

Patch immediately before public exploits emerge.

https://www.drupal.org/sa-core-2026-004

Affected:

- 8.9.0 , < 10.4.10
- 10.5.0 , < 10.5.10
- 10.6.0 , < 10.6.9
- 11.0.0 , < 11.1.10
- 11.2.0 , < 11.2.12
- 11.3.0 , < 11.3.10

CVE-2026-9082 - Highly critical - SQL Injection
CVE-2026-8495 - Missing Authorization
CVE-2026-8493 - XSS
CVE-2026-8492
CVE-2026-8491

#Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

Patch immediately before public exploits emerge.

https://www.drupal.org/sa-core-2026-004

Affected:

- 8.9.0 , < 10.4.10
- 10.5.0 , < 10.5.10
- 10.6.0 , < 10.6.9
- 11.0.0 , < 11.1.10
- 11.2.0 , < 11.2.12
- 11.3.0 , < 11.3.10

CVE-2026-9082 - Highly critical - SQL Injection
CVE-2026-8495 - Missing Authorization
CVE-2026-8493 - XSS
CVE-2026-8492
CVE-2026-8491

#Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

Patch immediately before public exploits emerge.

https://www.drupal.org/sa-core-2026-004

Affected:

- 8.9.0 , < 10.4.10
- 10.5.0 , < 10.5.10
- 10.6.0 , < 10.6.9
- 11.0.0 , < 11.1.10
- 11.2.0 , < 11.2.12
- 11.3.0 , < 11.3.10

CVE-2026-9082 - Highly critical - SQL Injection
CVE-2026-8495 - Missing Authorization
CVE-2026-8493 - XSS
CVE-2026-8492
CVE-2026-8491

#Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

Patch immediately before public exploits emerge.

https://www.drupal.org/sa-core-2026-004

Affected:

- 8.9.0 , < 10.4.10
- 10.5.0 , < 10.5.10
- 10.6.0 , < 10.6.9
- 11.0.0 , < 11.1.10
- 11.2.0 , < 11.2.12
- 11.3.0 , < 11.3.10

CVE-2026-9082 - Highly critical - SQL Injection
CVE-2026-8495 - Missing Authorization
CVE-2026-8493 - XSS
CVE-2026-8492
CVE-2026-8491

#Drupal #PHP #CyberSecurity #Infosec #CVE #WebSecurity #PostgreSQL #SqlInjection #PrivilegeEscalation #XSS

#Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Only affects Drupal sites that use Postgresql (5% of sites estimated by the security team)

https://www.drupal.org/sa-core-2026-004

#security #SQLinjection

#Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Only affects Drupal sites that use Postgresql (5% of sites estimated by the security team)

https://www.drupal.org/sa-core-2026-004

#security #SQLinjection

#Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Only affects Drupal sites that use Postgresql (5% of sites estimated by the security team)

https://www.drupal.org/sa-core-2026-004

#security #SQLinjection

#Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Only affects Drupal sites that use Postgresql (5% of sites estimated by the security team)

https://www.drupal.org/sa-core-2026-004

#security #SQLinjection

#Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Only affects Drupal sites that use Postgresql (5% of sites estimated by the security team)

https://www.drupal.org/sa-core-2026-004

#security #SQLinjection

POSTGRES ONLY?!?! After all that?!

#Drupal

They announced the new Drupal releases fixing a critical security bug, but the 10.5.10 version they link to, is not yet released. Sigh.

https://www.drupal.org/project/drupal/releases/10.5.10
https://www.drupal.org/sa-core-2026-004

#drupal

"Most day-to-day friction doesn't rise to the level of a Code of Conduct violation. It's tone. Assumption. Misread intent."

@mtift regarding some of the work the #Drupal community health team does. 🤝💬🌱❤️

Doing lots of hitting the refresh button as I wait for the #Drupal core security release.

@ultimike What if you *train* an existing developer at a client site to be a #Drupal developer, does upskilling lost .Net souls count?? 😃 // @rachel

This is going to require coffee.

#Drupal

Acquia has officially launched its Fair Trade Initiative, pledging 2% of every eligible partner deal to the Drupal Association. The initiative is built directly into the new Acquia Partner Program, ensuring a sustainable model that aligns Drupal’s growth with continued investment in its infrastructure.

We are truly grateful for this commitment to our shared future.

Read more about the initiative here: https://www.acquia.com/partners/fair-trade-initiative

#Drupal #Acquia #PartnerProgram #OpenSource