Nearly six months have passed since a major Drupal SQL injection vulnerability was disclosed, and yet attackers are continuing to try, sometimes successfully, to exploit websites that have failed to update their systems.
Trustwave analyzed one such exploitation in a Friday blog post that, more than anything, stresses the importance of keeping up with patching, said Ryan Barnett, senior lead security researcher at Trustwave, in an interview with SCMagazine.com.

The link for this article located at SC Magazine is no longer available.