Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL injection vulnerability (CVE-2014-3704) on October 15, are advised to consider their site as potentially compromised and proceed to fix the issue.
A researcher has spotted a Tor exit node located in Russia which instead of delivering the software requested by users untouched, was adding malicious code to the binaries in question - code that made their computers open a port to send HTTP requests to and receive commands from a remote server.
Last week Apple released a new version of its operating system to consumers.
The Tor Project has released version 4.0 of its popular homonymous browser that allows users to use the Internet anonymously and privately, and to circumvent online censorship and surveillance efforts by various countries.
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform - version 7.32 - because it fixes a critical SQL injection vulnerability that can ultimately lead to site hijacking and data theft.