Drupal released a security advisory on 10-15 (SA-CORE-2014-005). This vulnerability allows an attacker to send requests to a server that result in SQL injection. Within hours of the announcement they began seeing automated attacks compromising Drupal 7 websites. If you know anyone running Drupal 7 please make sure they are aware of this issue. If you think your site may be compromised please contact OUIT Security.
