When it comes to content management systems (CMS) for websites, Drupal is a highly flexible and extendible open-source solution. It is often preferred by technical developers and large government and educational websites. Because of this, the Drupal community is strongly committed to keeping the software secure.
But no software can be completely immune from vulnerabilities and attacks. Drupal is no exception, coming in as the third most-infected CMS in Sucuri’s 2019 Website Threat Research Report.