The advice here is simple, address your vulnerabilities!
Seven hours after Drupal released a patch to fix a SQL injection flaw, attacks were seen attempting to exploit any CMS system which hadn’t been patched. Even more worryingly, the advice given is to assume that you will already have been breached if you weren’t patched prior to 11pm UTC October 15. Check your breach detection alerts now!
Read the full story here