Timeline Of Events: Linux Mint Website Hack That Distributed Malicious ISOs

An anonymous reader writes: The Linux Mint website was hacked last night and was pointing to malicious ISOs that contained an IRC bot known as TSUNAMI, used as part of an IRC DDoSing botnet. While the Linux Mint team says they were hacked via their WordPress site, security experts have discovered that their phpBB forum database was put up for sale on the Dark Web at around the same time of the hack. Also, it seems that after the Linux Mint team cleaned their website, the hackers reinfected it, which caused the developers to take it down altogether.

Re:WordPress ???

Ah, Drupal. Drupal is amazing, in that it's clear the developers looked at PHP, said "this is a horrible insecure language" and then decided "let's create a giant platform on top of it to try and fix up the flaws" rather than "let's look for a language that isn't terrible."

So now Drupal is its own language and library onto itself, and PHP has evolved to fix many of the problems Drupal attempts to solve but Drupal is stuck with their own implementations.

The amount of code Drupal has to load to render a single webpage is hilarious and somewhat worrying. It's enough that Drupal has to have its own code caching system on top of Zend or whatever you use to try and get performance to reasonable levels.

Which is probably the only reason you hear about WordPress getting hacked more than Drupal. Drupal has an impressive list of CVEs, but most people who try and use Drupal end up saying "fuck this" and using WordPress instead, because it's possible to get WordPress running without driving yourself insane.