Authorities announced taking down 106 SocGholish botnet C&C servers and domains, and cleaning up 15,000 WordPress websites.

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government ...

The Drupal Security Team’s Monday PSA announcing the imminent patch for Drupal core doesn’t include any specifics, with the PSA noting that Drupal isn’t willing to share additional information until ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities ( KEV ) catalog, based ...

2026年的CMS市场，已经不再是“哪个功能多选哪个”的时代了。你的业务形态、团队技术能力、长期维护预算，才是决定选型的核心因素。 根据2026年的市场数据和实战经验，我为你筛选了5款最具代表性的开源CMS，覆盖了从个人博客到企业级站群的全场景需求。

The WebOps platform for WordPress and Drupal now runs Next.js, reducing multi-vendor complexity by unifying IT, developers, and marketers around a single system designed to build and run the web at ...

Pantheon's Next.js hosting is now generally available — and the company is positioning the launch squarely at the AI agent-driven future of web infrastructure. Pantheon built its reputation on ...

The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, say researchers. A new version of the Shai-Hulud credentials-stealing ...

The composer create-project command passes ownership of all files to the project that is created. You should create a new Git repository, and commit all files not ...

Drupal has been a cornerstone of digital experiences for two decades—a platform of unmatched power, flexibility, and open-source spirit. It powers millions of websites, from global enterprises to ...

The Core Web Vitals Technology Report shows the top-ranked content management systems by Core Web Vitals (CWV) for the month of June (July’s statistics aren’t out yet). The breakout star this year is ...

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively ...