New Drupal flaws exploited for cryptojacking attacks

Just days after Drupal released patches for a “highly critical” security flaw affecting the CMS, attackers are exploiting it to install cryptocurrency miners on enterprise websites.

The flaw, tracked as CVE-2019-6340, allows a remote attacker to run arbitrary code on an affected Drupal site and potentially compromise the web server.

Drupal warned website admins last week that it was preparing to release a patch for a severe flaw that affected the 8.5.x and 8.6.x branches of the software. 

Given past attacks using last year’s trio of Drupalgeddon flaws, there was a high chance that attackers would use the new flaw soon after it became known. 

Drupal recommended disabling all web services modules to mitigate potential attacks until the appropriate Drupal core patches had been installed.