On March 28th, Drupal released a critical security update to address a severe remote code execution vulnerability, known as Drupalgeddon 2.0, which affects Drupal versions 8, 7, and unsupported 6, potentially impacting over one million sites. This vulnerability (CVE-2018-7600) allows attackers to take control of a Drupal site, accessing and modifying non-public data by merely accessing a specific URL, resulting in a high severity score. Site administrators are urged to upgrade to the latest versions, 7.58 for Drupal 7.x and 8.5.1 for Drupal 8.5.x, as exploits have been confirmed and automated attack attempts have been detected. In the interim, if immediate upgrades are not possible, patches recommended in the security advisory can provide temporary protection, and it is advised to scrutinize logs for any signs of malicious activity.