'After the publication of two severe security flaws in the Drupal CMS, cybercrime groups have turned their sights on this web technology in the hopes of finding new ground to plant malware on servers and make money through illegal cryptocurrency mining. [...] Now, as time passes by, more malware campaigns targeting Drupal sites are getting off the ground -- and two of them have been spotted the past week. The most recent of these campaigns has been discovered by US security researcher Troy Mursch. The researcher discovered a group that gained access to Drupal sites and hid a version of the Coinhive in-browser cryptocurrency miner inside a file named "jquery [dot] once [dot] js?v=1.2," loaded on each of the compromised sites. Mursch initially tracked down the infected files to over 100,000 domains, then narrowed down the results to 80,000 domains, and finally confirmed the infection on at least 348 sites where the in-browsing mining operation was actually taking place.' -- source: https://it.slashdot.org/story/18/05/07/1636258 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/