Podcasts about Drupal

AI vulnerability discovery just upended the legendary Capture the Flag competitions, leaving top hackers sidelined while algorithms dominate the scoreboard. Hear why one seasoned researcher says the entire game is over for humans. As expected, UnFiOS devices are under attack. CISA commands federal agencies to update Drupal. Can the largest botnet ever, be killed. Defender endpoint can cutoff a PC from the network. Charter Communications big account leak. Chrome moves device-bound session cookies from beta. Anthropic to release Mythos shortly. cURL and Daniel Stenberg. IBM & RedHat commit to fixing open source with AI. LOTS of terrific listener feedback this week. AI spells the end of a terrific source of training Show Notes - https://www.grc.com/sn/SN-1081-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit hoxhunt.com/securitynow zscaler.com/security material.security meter.com/securitynow

AI vulnerability discovery just upended the legendary Capture the Flag competitions, leaving top hackers sidelined while algorithms dominate the scoreboard. Hear why one seasoned researcher says the entire game is over for humans. As expected, UnFiOS devices are under attack. CISA commands federal agencies to update Drupal. Can the largest botnet ever, be killed. Defender endpoint can cutoff a PC from the network. Charter Communications big account leak. Chrome moves device-bound session cookies from beta. Anthropic to release Mythos shortly. cURL and Daniel Stenberg. IBM & RedHat commit to fixing open source with AI. LOTS of terrific listener feedback this week. AI spells the end of a terrific source of training Show Notes - https://www.grc.com/sn/SN-1081-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit hoxhunt.com/securitynow zscaler.com/security material.security meter.com/securitynow

AI vulnerability discovery just upended the legendary Capture the Flag competitions, leaving top hackers sidelined while algorithms dominate the scoreboard. Hear why one seasoned researcher says the entire game is over for humans. As expected, UnFiOS devices are under attack. CISA commands federal agencies to update Drupal. Can the largest botnet ever, be killed. Defender endpoint can cutoff a PC from the network. Charter Communications big account leak. Chrome moves device-bound session cookies from beta. Anthropic to release Mythos shortly. cURL and Daniel Stenberg. IBM & RedHat commit to fixing open source with AI. LOTS of terrific listener feedback this week. AI spells the end of a terrific source of training Show Notes - https://www.grc.com/sn/SN-1081-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit hoxhunt.com/securitynow zscaler.com/security material.security meter.com/securitynow

AI vulnerability discovery just upended the legendary Capture the Flag competitions, leaving top hackers sidelined while algorithms dominate the scoreboard. Hear why one seasoned researcher says the entire game is over for humans. As expected, UnFiOS devices are under attack. CISA commands federal agencies to update Drupal. Can the largest botnet ever, be killed. Defender endpoint can cutoff a PC from the network. Charter Communications big account leak. Chrome moves device-bound session cookies from beta. Anthropic to release Mythos shortly. cURL and Daniel Stenberg. IBM & RedHat commit to fixing open source with AI. LOTS of terrific listener feedback this week. AI spells the end of a terrific source of training Show Notes - https://www.grc.com/sn/SN-1081-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: bitwarden.com/twit hoxhunt.com/securitynow zscaler.com/security material.security meter.com/securitynow

On this week's Security Sprint, Dave and Andy covered the following topics:Opening:• 27th Annual TribalNet Conference & Tradeshow, 20 – 24 Sep, Dallas, TX• 02 Jun! WaterISAC H2OSecCon (Virtual Conference)Main Topics:Exploitation! and the KEV! • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-9082 Drupal Core SQL Injection Vulnerability• Drupal security advisory (AV26-492) - Update 2 - Canadian Centre for Cyber Security • CISA orders feds to patch actively exploited Drupal vulnerability - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability• CISA gives feds 4 days to patch actively exploited cPanel plugin flaw - BleepingComputer • CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability• Palo Alto Networks Security Advisory AV26-462 — Canadian Centre for Cyber Security • ETR: Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability CVE-2026-0257 — Rapid7 Ransomware & Data Breaches: • The Cyber Extortion Economy - Palo Alto Networks Unit 42 - 28 May 2026 “As recently noted by our Chief Security Intelligence Officer, Wendi Whitmore, it only took 39 seconds for threat actors to move from initial access to data exfiltration in one case.” • Stay Ahead of Ransomware: What 2026 Threat Reports Are Telling Us — SANS Institute — 01 Jun 2026• Charter Communications Data Breach Could Impact Nearly 5 Million • How St. Paul, Minn., Recovered From a Ransomware Attack • FBI FLASH - Silent Ransom Group Impersonating IT Personnel through Social Engineering - FBI IC3 & FBI warns of in-person data theft attacks from extortion gang • Charter confirms data breach after ShinyHunters extortion threat • The Gentlemen ransomware: Dissecting a self-propagating Go encryptor • The Gentlemen Ransomware Group Is Scaling Faster Than Any Other Group on Record • The Gentlemen (Ransomware) in Disguise: Defense Evasion and other TTPs World Cup:• FBI PSA - Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup - FBI IC3 • FAA Establishes No Drone Zones for FIFA World Cup 2026 Stadiums, Fan Events and Base Camps — FAA • Column: Empower Emergency Managers for Major Events • Ebola concerns grow ahead of World Cup — The Hill Quick Hits:• The Future of AI Risk: Predictions for 2027 and Beyond - Gate 15 - 26 May 2026 • Top 10 Artificial Intelligence Security Actions Primer — Canadian Centre for Cyber Security • Mythos Exposes a Bigger Problem in Critical Infrastructure Cyber Defense - HSToday • NSA Launches Zero Trust Implementation Guidelines Resource Webpage — National Security Agency • Designing secure access with ZTNA - National Cyber Security Centre • The 2026 U.S. Midterms Have a Cyber Problem, But It's Not at the Ballot Box — Check Point & Hackers are already laying groundwork to disrupt 2026 midterms, research says — Nextgov • 'Holding our breath': Hurricane season is here, and FEMA is shorthanded — Politico

Today we are talking about AI, How to stay up to date with it, and if it will really take our jobs with guests Angie Byron & Amber Matz. We'll also cover AI Best Practices for Drupal as our module of the week. For show notes visit: https://www.talkingDrupal.com/555 Topics What Is AI Learners Club Amber Defines the Club Origin Story and DrupalCon AI Debate and Community Tensions Issue Queue Conduct and Moderation Thread Tone vs Substance AI Adoption Outside Drupal Conflict Mediation Playbook Maintainer Burnout and Flood Safe Space Learners Club How the Club Started Picking Topics and Demos AI Taking Our Jobs Future of Learners Club Resources Context Control Center AI Learners Club Initiative page Event calendar YouTube Playlist Session Recaps Next session (Claude Design) Slack: #ai-learners Most wanted topics What Angie's working on these days Guests Amber Matz - tugboatqa.com amber-himes-matz Angie Byron - ai_best_practices webchick Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Scott Falconer - managing-ai.com scott-falconer MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Do you want to start using AI tools for Drupal development, in the most efficient way possible? There's a composer plugin for that! Module name/project name: AI Best Practices for Drupal Brief history How old: created in Mar 2026 by Angie Byron (webchick), one, of today's guests, a long-time Drupalist, one-time Acquian, and a fellow Canadian Versions available: dev version only, which doesn't seem directly opinionated about what version of Drupal you're using, though it does have minimum versions of PHP and Symfony libraries that suggest Drupal 10 is functionally your minimum Maintainership It is officially seeking co-maintainers Test coverage Documentation - an in-depth README, or you can ask an AI model! (like I did for this segment) 54 open "Work Items" on Gitlab, so lots of active discussion already Module features and usage AI Best Practices for Drupal aims to be the opinionated starter experience for AI-assisted Drupal development You can think of it as a single Composer install that makes any AI coding agent "speak Drupal": following community standards, preferring contrib over custom code, and avoiding framework-naive mistakes. It replaces scattered, tool-specific CLAUDE.md files and Cursor rules that some Drupal developers currently maintain individually, with one canonical, community-governed package that works across Claude Code, Cursor, Copilot, and more. With contributions by a variety of Drupal luminaries including Marcus Johansson, Christoph Briedert, and Scott Falconer, it's the Drupal equivalent of Laravel Boost: stop explaining Drupal to your AI every session and just get writing code. After install or update, it will create an AGENTS.md file from a provided template if there isn't one already, or it will update a specifically marked "ai-best-practices" section of an existing file You will also have a directory of provided skills, and guidance for creating new Drupal agent skills Also included is a set of evals, meant to automatically identify when AI models go off course and provide feedback AI Best Practices for Drupal is meant to provide guidance that will be particularly useful for AI agents, so it's ideal for Drupal developers getting started with AI tools, or for AI developers who want to get started with Drupal

How to Build a Marketing Team That People Don't Want to Leave On this episode host Adam Turinas sits down with Larry Kaiser, Chief Marketing Officer at Optimum Healthcare IT, for a candid conversation about what it really takes to build a marketing team that lasts. Larry has spent nearly a decade growing the marketing function at Optimum from a logo and an outdated Drupal website into a tight, high-performing team. The lessons he has picked up along the way are ones that any marketing leader in healthtech will recognize. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

This episode covers a CISA contractor's accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI's efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft's handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub's ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis

On the podcast this week, I cover a whole lot of security related stories including concerning Defender, Drupal and UniFiOS vulnerability, a tone deaf comment from a Finance CEO regarding AI and much more! Reference Links: https://www.rorymon.com/blog/defender-vulnerabilities-disclosed-new-issue-on-server-2016-updates-coming-to-windows-11/

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, after Imperva reported more than 15,000 attack attempts across 65 countries. Microsoft has confirmed a strange Windows Server 2016 update issue where KB5087537 can break domain controller discovery when server hostnames are exactly 15 characters long, raising more questions about patch reliability as update complexity grows. Google has joined a coalition opposing Canada's proposed lawful access legislation, Bill C-22, warning that secret ministerial orders, possible encryption risks, and mandatory metadata retention could weaken security rather than improve it. Critics point to the Salt Typhoon telecom espionage campaign as evidence that lawful intercept systems themselves can become prime targets. Also in this episode: Check Point says Iran-linked threat group Nimbus Manticore has deployed new malware tools including MiniFast and MiniJunk V2, with researchers noting signs that MiniFast may have been developed with AI-assisted coding techniques. The campaign used SEO poisoning and fake Oracle SQL Developer downloads to lure victims. Timestamps: 00:00 Top Headlines Rundown 00:27 Emergency Drupal Patch Order 02:22 Microsoft Server Update Bug 04:02 Canada Lawful Access Battle 05:18 Google's Security Concerns 06:25 Salt Typhoon Lessons 07:35 Iran-Linked AI Malware 09:26 SEO Poisoning Attack 10:09 Wrap Up and Sign Off

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com

They're Listening, Drupal, TTE, KEV, Mythos, Megalodon, Boris and Natasha, MFA, Pope Leo, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-584

They're Listening, Drupal, TTE, KEV, Mythos, Megalodon, Boris and Natasha, MFA, Pope Leo, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-584

Today we are talking about Web Education, Level up Tutorials, and life after Drupal with guest Scott Tolinski. We'll also cover Views Row SDC as our module of the week. For show notes visit: https://www.talkingDrupal.com/554 Topics Scott Origin Story Level Up Tutorials Era Syntax Podcast Beginnings Growing The Audience Web Components Debate Leaving Drupal Behind What Drupal Still Nails Agency Project Highlights Booking Podcast Guests Scott Work Week Setup Running Syntax Team Canvas HTML Experiments Livestream Tools Challenges Funding Via Sentry Project Ideas Process Conference Speaking Journey Speaking Logistics Family Content Focus Passion Drupal Influence Today Mad CSS Tournament AI Coding Workflow What Excites Him Now Resources Scott Tolinski's Website Levelup tutorials 1000th episode Web awesome Talk in Amsterdam - React summit This component could have been a class Sigraph conference site Too fast too furious learning things quickly JSNation Scratch Css tricks MadCss Championship State of ai survey Jazz.tools 0sync Graffiti Guests Scott Tolinski - tolin.ski stolinski Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Bernardo Martinez - bernardm28 MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to use a Single Directory Component to format the output of a view on your Drupal website? There's a module for that Module name/project name: Views Row SDC Brief history How old: created in Apr 2026 by James Shields (lostcarpark), a friend of the podcast Versions available: 1.0.0, which works with Drupal 11.3 and 12 Maintainership Actively maintained Security coverage Number of open issues: 9 open issues, 3 of which are bugs, though two are marked as fixed in the latest release Usage stats: 4 sites Module features and usage With this module installed, when you select "Show" in the Format modal for any views display, you'll see a new option for "Single Directory Component", in addition to standard options like "Content view mode" or "Fields" You can then select which of the site's available SDCs you want to use to format each result, and then you can map fields defined in the view to the properties and slots defined for the selected component You can also place a view using this format into a Drupal Canvas layout by having a block display SDCs and Canvas are the new hotness in Drupal theming, so this module gives you some additional ways to incorporate theme into your own Drupal site

CISA adds Drupal Core flaw to KEV Underminr hides malicious connections behind trusted domains Canadian man charged with running KimWolf DDoS botnet Check out your show notes here: https://cisoseries.com/cybersecurity-news-drupal-kev-addition-underminr-revives-domain-fronting-canadian-kimwolf-arrest/ Huge thanks to our sponsor, Guardsquare Mobile app security isn't just a tech issue; it's a revenue issue. A recent global study found that seventy-two percent of organizations experienced a mobile app security incident last year. Even worse? Sixty-five percent saw customer churn or uninstalls as a result. Protect your brand and your bottom line with layered mobile app protection. Learn more at Guardsquare.com.  

Microsoft confirms active exploitation of two Defender flaws. Europol dismantles a VPN service tied to ransomware gangs. A nine-year-old Linux kernel bug exposes SSH keys and password hashes. Cisco patches a critical Secure Workload vulnerability, while Drupal fixes a highly critical SQL injection flaw. Android malware quietly signs victims up for premium SMS scams. Webworm upgrades its espionage toolkit with Discord and Microsoft Graph backdoors. Plus, China and Russia deepen cooperation on AI, cybersecurity, and satellite systems. Our guest is Jake Moore, Global Cybersecurity Advisor for ESET, sharing a glimpse into his Infosecurity Europe keynote "The Deepfake Interview." Greg doesn't even work here anymore… Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with Jake Moore, Keynote speaker for the upcoming Infosecurity Europe conference and Global Cybersecurity Advisor for ESET, getting a glimpse into his session "The Deepfake Interview: Breaking In From the Inside." This interview is part of our partnership with Infosecurity Europe.  Selected Reading Microsoft Defender vulnerabilities exploited in the wild (Help Net Security) Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator (Hackread) Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes (Infosecurity Magazine) Cisco Patches Critical Vulnerability in Secure Workload (SecurityWeek) Android Malware Spotted Subscribing Victims to Paid Services Without Consent (Hackread) Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking (SecurityWeek) Webworm: New burrowing techniques (We Live Security) Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems (The Record) Zombie user account let hackers control the city's water (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Referências do EpisódioDrupal core - Highly critical - SQL injection - SA-CORE-2026-004Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333)PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting ArchHackers bypass SonicWall VPN MFA due to incomplete patchingTracking TamperedChef Clusters via Certificate and Code ReuseA malicious VS code extension just breached GitHub ‘s internal repositoriesCVE-2026-20223 - Cisco Secure Workload Unauthorized API Access VulnerabilityRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

GitHub confirms a breach tied to a malicious VS Code extension. Anthropic fights a Pentagon blacklist as the White House weighs new AI security rules. Drupal scrambles to patch a critical flaw. Cisco Talos tracks the evolution of BadIIS malware-for-hire. Signal adds anti-phishing safeguards, Microsoft cracks down on malware-signing services, and China says foreign spies hijacked domestic routers for phishing operations. Wireless carriers collaborate to kill dead zones. Our guest is Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, discussing The Cloud Security Alliance's “AI Vulnerability Storm” report. A book about misinformation contains helpful examples. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, sharing Cloud Security Alliance's The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program. Selected Reading GitHub confirms breach of 3,800 repos via malicious VSCode extension (Bleeping Computer) Trump AI executive order seeks early government access to frontier models (Axios) DC Circuit slams Pentagon blacklisting of Anthropic as overreach (Courthouse News Service) Drupal Issues Urgent Warning for Highly Critical Core Vulnerability (Beyond Machines) From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat (Cisco Talos) Signal adds security warnings for social engineering, phishing attacks (Bleeping Computer) Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware (Microsoft)   China's state security authorities uncover foreign agency using domestic routers as cyberattack proxies; users notice only slower speeds (Global Times) ‘The Future of Truth' Contains Quotes Made Up by A.I. (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-582

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-582

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-582

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, GitHub, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-582

Today we are talking about The Open Web, What it means, and Why it's important with guest Alex Moreno. We'll also cover AI Schema.org JSON-LD as our module of the week. For show notes visit: https://www.talkingDrupal.com/553 Topics Defining the Open Web Drupal in a Bubble Marketing and PR Challenges AI Bias Against Drupal Why AI Won't Recommend Drupal Is Drupal AI Native Marketing Against Giants Local Evangelism Push Funding Outreach Trips Drupal CMS PR Gap Templates Lower Barriers Need a Drupal Onramp Speaking Beyond Drupal Web Summit Lessons Sell Problems Not Drupal Rethinking DrupalCon Camps and New Audiences Marketplace Ecosystem Idea Wrap Up and Contacts Resources Drupalcamp Grenoble 2026 - Bursting the bubble Drupal Iberia keynote Schema dot org Drupal is Great! Its Perception Might Not be TD Cafe - Caching   Guests Alex Moreno - alexmoreno Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Bernardo Martinez - bernardm28 MOTW Correspondent Jacob Rockowitz - jrockowitz.com jrockowitz Brief description: The AI Schema.org JSON-LD module provides a straightforward way to send a prompt — including a webpage's content and data, along with instructions and requirements — to an AI provider and receive a response containing valid Schema.org JSON-LD for saving and embedding in a webpage. It's a "glue module" that combines AI Automators, Field Widget Actions, and JSON Field to create an AI-powered Schema.org JSON-LD field for content entities. Module name/project name: AI Schema.org JSON-LD Brief history How old: Created in April 2026 by jrockowitz (Jacob Rockowitz) of The Big Blue House Versions available: 1.0.0-alpha1 (requires Drupal ^11.3); 1.0.x-dev branch also available Maintainership Actively maintained Yes — updated as recently as April 30, 2026 Security coverage No — not currently covered by Drupal's security advisory policy; use at your own risk Test coverage The module notes that all contributed code must include test coverage, though it is early alpha Documentation Yes — the project page includes setup instructions, implementation guidance, philosophy, and a 2-minute demo video on YouTube Number of open issues: 0 open issues, 0 of which are bugs against the current branch Usage stats: 1 site currently reporting use of this module Module features and usage Adds a native JSON "Schema.org JSON-LD" field to content entities (nodes, media, taxonomy terms) Field is populated via an AI automator triggered by a Field Widget Action, keeping a human in the review loop before saving Stores Schema.org JSON-LD as native JSON data, creating a fully queryable knowledge graph for the site Works with complex nested content structures (paragraphs, components) by having AI parse and generate the structured data Includes an optional sub-module for logging prompts and AI responses for human and AI review and iterative improvement Configurable per entity type/bundle via UI, Drush, or Drupal recipe Philosophy: "Use AI to build a tool that helps AI understand your website while always keeping a human in the loop" Built using AI coding agents (Claude and Codex), with community contributions encouraged — especially around crafting and sharing optimal prompts

Today we are talking about The Midwest Open Source Alliance, What they do, and How they support Drupal with guests April Sides & Tearyne Almendariz. We'll also cover Canvas Field Component as our module of the week. For show notes visit: https://www.talkingDrupal.com/552 Topics Congratulations to April as the 2026 Aaron Winborn award! What is MOSA, and what gap in the Drupal ecosystem was it created to fill? How did MOSA get started, and who were the key people behind its formation? MOSA acts as a fiscal sponsor—what does that actually mean in practice for Drupal events and initiatives? What are some of the projects or camps MOSA currently supports? How does MOSA help sustain and grow regional Drupal communities over time? What does membership in MOSA look like, and who should consider getting involved? How does MOSA balance local community focus with broader, national or global Drupal efforts? What are the biggest challenges MOSA faces as a nonprofit supporting open source communities? How has MOSA evolved in recent years, and what's different today compared to when it launched? Looking ahead, what's the long-term vision for MOSA and its role in the Drupal ecosystem? Resources MOSA Website MOSA Drupal Project Aaron Winborn Handbook Moline, Illinois Guests Tearyne Almendariz - nlbcworks.com NineLivesBlackCat April Sides - weekbeforenext Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to place Drupal-rendered fields into your Drupal Canvas templates? There's a module for that. Module name/project name: Canvas Field Component Brief history How old: created in Apr 2026 by me! With some help from a couple of AI models Versions available: 1.0.0, which works with Drupal 11.2 or newer Maintainership Actively maintained Security coverage Test coverage Documentation - a README, but is designed to be narrow in scope Number of open issues: technically 5 open issues, but all marked as fixed Usage stats: 41 sites Module features and usage By design, when using Drupal Canvas to create templates for content types, the idea is to map field values to properties in the template's components That is a new system, however, so site builders may find there are gaps in terms of available mappings for field types they need to use, or may want to draw on mature formatting options such the responsive image definitions that come with Drupal CMS With the Canvas Field Component module installed, you'll find a new "Field display" option available in your Canvas component library. When you drag that into a Canvas template layout, you can choose which field from the content type you want to display, and the formatter to use That, in turn, will expose all settings for the chosen formatter, as well as any third-party settings available, for example if using Date Augmenters with Smart Date fields Those settings will be reflected in real-time inside the Canvas UI preview, and then on rendered content once the template changes are published This module started as a simple idea, based on my own experience using other UI-based Drupal solutions for laying out content type templates, like Layout Builder or Acquia Site Studio. Over the years, I've come to appreciate the flexibility of being able to place Drupal-rendered fields into templates, so you can mix-and-match existing, robust formatting options with flexible ways of pulling field values into layouts that also include more bespoke elements. Or, just use this as a way to add more layout flexibility to Drupal's default, linear display controls. That's what I do on my own blog, where I use Layout Builder but don't have a single custom layout on the site. It's only used for enhancing the layout of structured content. Full disclosure: I also used the idea for Canvas Field Component as the impetus to venture into vibe coding, inspired by the conversations happening in the AI Learners Club, which listeners will hear more about in an upcoming episode.

Nic Laflin and Matt Glaman sit down to discuss Drupal caching and Matt's new Leanpub book, Understanding Drupal: A Complete Guide to Caching Layers. For show notes visit: https://www.talkingDrupal.com/cafe016 Topics New Book on Caching Why Drupal Caching Shines Cache Tags Explained Cache Context Variations What Caching Really Is Invalidation Across the Stack NGINX Layer Pitfalls What Drupal Can Cache Writing Cacheable Render Arrays Debugging Metadata Issues Testing Caching Strategies Researching the Book Variation Cache Deep Dive Access Policy and Performance Permissions Caching and Disk IO Extension Discovery Tangent File Cache Explained Clearing File Cache in Tests Updating the Book Over Time Leanpub Pricing and Royalties Publishing Workflow and Tools Writing Process and Editing Matt Glaman Matt Glaman is an experienced software engineer and a prominent member of the Drupal community. With over a decade of experience in web development, he has developed a wealth of knowledge and expertise. He is the author of several books, including "Drupal 8 Development Cookbook" and "Drupal 10 Development Cookbook," which provide a comprehensive guide to building and customizing Drupal sites. And recently, the book Understanding Drupal: A Complete Guide to Caching Layers. Nic Laflin Nic Laflin is an accomplished Drupal architect and the founder of nLightened Development LLC, a web development and design firm established in 2008 that leverages highly extensible CMS frameworks to solve complex business challenges. They've been working with Drupal since late 2008, delivering creative solutions for a diverse roster of clients—from government agencies and e-commerce platforms to higher-education institutions and HIPAA-compliant medical services. Recently, Nic has focused on Native Web Components for platform-agnostic design, and has deep experience integrating AWS and building mobile application back ends. A recognized Drupal guru, Nic speaks regularly at regional Drupal camps and co-hosts the Talking Drupal podcast, where they share best practices and innovations with the community. Outside of technology, Nic enjoys building with LEGO, experimenting in the kitchen, and designing home automation projects. You can learn more at www.nlightened.net. Resources Understanding Drupal: A Complete Guide to Caching Layers https://mglaman.dev/blog/leveraging-list-cache-tag-entity-types If you're using a reverse proxy then disable the internal page cache https://www.drupal.org/project/drupal/issues/3414825 Guests Nic Laflin - nLighteneddevelopment.com nicxvan Matt Glaman - mglaman.dev mglaman

Drupal founder and Acquia executive chairman Dries Buytaert joins CX Decoded fresh off DrupalCon Chicago to break down how AI is disrupting every leg of the open source ecosystem — the platform, the agency world, and the contributor community. Plus: why the current deal between publishers and AI crawlers is broken, and what CX leaders should actually be doing about content discoverability.

Kevin Thull, who leads the Drupal Recording Initiative (DRI), joins us to discuss why DRI started, how it scaled from Kevin recording local camps to supporting many events, the hub-and-mentorship model for maintainers, differences between shipping kits vs onsite support, costs compared with traditional AV vendors, and challenges like aging capture hardware, audio/video troubleshooting, and sustainable funding. For show notes visit: https://www.talkingDrupal.com/551 Topics Module of the Week TFA Why Recording Matters Early Events and Growing Pains Post Production and Gear Limits Recording DrupalCon vs Camps Costs and Value Breakdown Pittsburgh Turning Point Hubs and Mentoring New Recordists Beyond Drupal Events Hands Off Goals Impact and Adoption Workflow Pain Points Content First Recording Maintainers and Volunteers Volunteer Stress Factors Funding and Platforms Drupal TV Origins Roadmap and Growth Wrap Up and Contacts Resources MOTW - Two-factor Authentication (TFA) - https://www.drupal.org/project/tfa TFA Email OTP Plugin - https://www.drupal.org/project/tfa_email_otp National Institute for Standards and Technology's Special Publication 800-63B section 3.1.1.2 "Password Verifiers" - https://pages.nist.gov/800-63-4/sp800-63b.html#passwordver Drupal Recording Initiative - https://www.drupal.org/project/dri DrupalCon Chicago Playlist - https://www.youtube.com/playlist?list=PLpeDXSh4nHjQpb2cHv9rgQv4lvq1-ZkC3 Guests Kevin Thull - Drupal Recording Initiative kthull Guest Host Bernardo Martinez - bernardm28 Hosts Nic Laflin - nLighteneddevelopment.com nicxvan Avi Schwab - froboy.org froboy Module of the Week with Avi Schwab- froboy.org froboy Two Factor Authentication - Two-factor authentication for Drupal sites. Drupal provides authentication via something you know – a username and password while TFA module adds a second step of authentication with a check for something you have – such as a code sent to (or generated by) your mobile phone. TFA is a base module for providing two-factor authentication for your Drupal site. As a base module, TFA handles the work of integrating with Drupal, providing flexible and well tested interfaces to enable your choice of various two-factor authentication solutions like Time-based One-Time Passwords (TOTP), SMS-delivered codes, pre-generated codes, or integrations with third-party services like Authy, Duo and others.

In episode 550 of Talking Drupal, Rod Martin joins us to discuss how Drupal site builders are defined, how their role has changed across Drupal versions, and what the future may look like with Drupal CMS, Canvas, and Drupal AI. The show's module of the week is Password Policy, presented by Avi Schwab, covering customizable password constraints and password expiration/reset features, along with supporting modules Password Policy Extras and Password Policy Pwned, which checks passwords against the Have I Been Pwned database. The conversation also explores the challenges site builders face around layout, theming, and configuration management, and the need for better templates, workflows, and guardrails as AI-assisted site building evolves. For show notes visit: https://www.talkingDrupal.com/550 Topics Module of the Week: Password Policy MidCamp 2026 Promo Defining Drupal Site Builders Rod's Training Background Site Builder Role and Skills Comparing Drupal WordPress Joomla Editors vs Site Builders Site Building Changing in Drupal Layout Builder Fallout Canvas and AI Promise Barriers and Bulk Fields Prompt Built Architecture Guardrails and Nuance Playbooks and Context Drupal Must Shift Templates Over CMS Dev and Builder Handoff Two Paths Forward Recipes Upgrade Gotchas Closing and Contacts Resources NIST Password Guidelines - https://specopssoft.com/blog/nist-password-guidelines/ Password Recipe - Emdash - https://blog.cloudflare.com/emdash-wordpress/ Talking Drupal #122 - Taxonomy or Entity Reference https://talkingdrupal.com/122 Guests Rod Martin - DrupalHelps.com imrodmartin Hosts Nic Laflin - nLighteneddevelopment.com nicxvan Avi Schwab- froboy.org froboy Module of the Week with Avi Schwab- froboy.org froboy Password Policy - A password policy can be defined with a set of constraints which must be met before a user password change will be accepted. Each constraint has a parameter allowing for the minimum number of valid conditions which must be met before the constraint is satisfied.

In Episode 549, Randy Fay and Stas Zhuk join us to discuss what DDEV is, recent improvements, and where it's headed. Module of the week is the DDEV Drupal Contrib add-on. Randy and Stas discuss priorities like reliability, consistent UX, add-ons discoverability, and new features including revamped ddev share with Cloudflare and rootless Podman support. They also cover coder.ddev.com, a cloud-based DDEV environment built on coder.com for easier onboarding and contribution, plus sustainability, community support, and challenges such as AI-driven PR volume and Stas's development constraints in Ukraine. For show notes visit: https://www.talkingDrupal.com/549 Topics Module of the Week - DDEV Drupal Contrib DDev Drupal Contri Overview Contrib Workflow Q&A Drush in Core Debate Add-on Registry and Contact Drupal AI Summit Plug What Is DDev Stas Origin Story Recent Releases and Priorities DDev Share and Podman Developer Experience Changes Database Upgrade Pain Points Coder DDev Cloud IDE Cloud DDEV Basics VS Code Remote Workflow Pair Programming Training Wins Docker Desktop Alternatives Onboarding Teams Faster Windows Support Reality Building Through War Roadmap Env File Fixes Beyond Drupal Adoption Addons Discovery Tools Funding Community Health AI Pull Requests Pressure AI Agents MCP Plans How To Get Involved Resources DDEV - https://ddev.com/ DDEV Add-on Registry - https://addons.ddev.com/ Introducing coder.ddev.com: DDEV in the Cloud - https://ddev.com/blog/coder-ddev-com-announcement/ About Stas Zhuk - https://ddev.com/blog/introducing-maintainer-stas/ Power Through Blackouts: How DDEV Community Helped Me in Ukraine - https://ddev.com/blog/power-through-blackouts-ddev-community-support/ Drush command in core - https://www.drupal.org/project/drupal/issues/3453474 Drush's Final Act - https://weitzman.github.io/blog/drush-final-act coder.com - https://coder.com/ Service hosting coder.ddev.com - https://www.hetzner.com/ Funding DDEV - https://ddev.com/blog/sustainability-for-ddev/ Gen AI DDEV newsletter note - https://ddev.com/blog/ddev-march-2026-newsletter/ Sharing Coder.ddev.com workspaces - https://github.com/ddev/coder-ddev/issues/80 Guests Stas Zhuk - stasadev Randy Fay - ddev.com rfay Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Rod Martin - DrupalHelps.com imrodmartin Module of the Week with Martin Anderson-Clutz - mandclu.com mandclu DDEV Drupal Contrib - DDEV integration for developing Drupal contrib projects. As a general philosophy, your contributed module/theme is the center of the universe.

In episode 548 we welcome back JD Leonard to discuss what CRMs are, what problems they solve, and which organizations benefit from them. JD explains why Drupal CRM defines CRM as "Contact Relationship Management," outlines core expectations like contact and relationship tracking and integrations, and describes Drupal CRM's Drupal-native architecture using dedicated, fieldable entity types for contacts, relationships, and contact methods. The panel compares Drupal CRM to older Drupal CRM efforts and user-based approaches, covers security considerations for PII and plans for field encryption, and highlights ecosystem projects such as CRM Email, CRM Membership (including Drupal Commerce integration), and event registration needs. For show notes visit: https://www.talkingDrupal.com/548 Topics Module of the Week: Module of the Week: Social Media Links Block and Fields Use Cases and Discussion How to Suggest Modules What Is a CRM CRM Hats and Naming Core CRM Features and Users Why Drupal CRM Exists Drupal CRM Architecture Deep Dive Demos and Legacy Alternatives Project Origins and Community Out of the Box Features Security and PII Considerations Field Encryption Limits Core First Drupal Native Search Deprecation Drupal 12 Choosing Contrib Integrations Ecosystem Modules Upstream Getting Started Evaluating CRM Options Common CRM Pitfalls Community Sustainability Vision Funding Volunteers Sponsors Roadmap Toward 1.0 Ecosystem Membership Events Resources Try the latest - https://drupal.org/project/crm Field encrypt - https://www.drupal.org/project/crm/issues/3558040 Primary entity reference - https://www.drupal.org/project/primary_entity_reference Member Platform initiative - https://www.drupal.org/project/member Financial sponsor of Steve Ayers' time working on Drupal CRM - https://www.govwebworks.com https://www.portlandwebworks.com CRM ecosystem modules - https://www.drupal.org/project/crm/ecosystem Drupal Slack #crm channel: - https://drupal.slack.com/archives/C08N90UF9TR Guests JD Leonard - modernbizconsulting.com jdleonard Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Martin Anderson-Clutz - mandclu.com mandclu Module of the Week with Martin Anderson-Clutz Social Media Links Block and Field The modules provides a configurable block that display links (icons) to your profiles on various popular networking sites. With this module, a website can be quickly extended with a "Follow us" functionality. Or you make the block available for your site editors, and they can configure the social networks themselves.

In episode #547, guest JD Flynn joins us to discuss why developers don't choose Drupal, focusing on Drupal adoption, discoverability, and outdated perceptions from Drupal 6/7. JD cites survey data showing low interest among non-Drupal developers, arguing Drupal's biggest problem is invisibility and that developers often pre-filter it due to PHP stigma and friction getting started. For show notes visit: https://www.talkingDrupal.com/547 Topics Welcome to Talking Drupal Meet JD Flynn Co Hosts Introductions Module of the Week: Native Observability Production Overhead Debate AI Patches and Etiquette Live Stream and Topic Setup Why Developers Skip Drupal Invisibility and Discovery Perception and Onboarding Friction Composer and Leaving the Island Perception Gap and PHP Stigma PHP Perception Versus Reality Why Developers Avoid Drupal Selling Drupal to Clients Instant Demos With Drupal Forge Discoverability in the AI Era Content Strategy Beyond Drupal PHP Stigma and Performance Community Effort and Live Streaming Marketing Drupal Out of the Box Wrap Up and Where to Connect Resources Why Developers Don't Choose Drupal (And What We Can Do About It) - https://www.fldrupal.camp/session/why-developers-dont-choose-drupal-and-what-we-can-do-about-it JD's stream - http://twitch.tv/jddoesdev Drupal is Great! Its Perception Might Not be. -https://picozzi.com/notebook/2025/jan/drupal-great-its-perception-might-not-be Drupal Forge - https://www.drupalforge.org/ Guests JD Flynn - Crepdrop dorficus Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Rod Martin - DrupalHelps.com imrodmartin Module of the Week Correspondent Martin Anderson-Clutz - mandclu.com mandclu Native Observability brings real observability into Drupal. Trace requests, inspect execution, analyze performance, and explore runtime behavior — directly inside your application. No core patches. No external dependencies required to get started. Just install, enable, and start seeing what actually happens inside your system.

Thanks Pressable for supporting the show! Get your special hosting deal at https://pressable.com/wpminuteBecome a WP Minute Supporter & Slack member at https://thewpminute.com/supportOn this episode of The WP Minute+ podcast, Eric is joined by Malcolm Peralty of Pressable. Malcolm shared his extensive experience with WordPress and Drupal (including their differences) and filled us in on his role at Pressable. He also gave us a peek into innovative AI integrations for website management, the importance of a human element in customer service, and his journey as a co-author of a novel. Takeaways:Experience across CMS ecosystems broadens solution conceptualization and accelerates innovation.Transparent AI automation reduces manual effort while maintaining user trust and understanding.Combining AI insights with human oversight enhances quality and trust.Technical account managers (TAMs) guide clients' technical growth, fostering loyalty and innovation.Open communication and leadership accelerate adaptation and empower employees.Engaging in diverse projects fosters teamwork and innovative problem-solving.Important Links:PressableConnect with Malcolm: Website | LinkedIn | Twitter/XMalcolm's Book: Second Class SupersThe WP Minute+ Podcast: thewpminute.com/subscribe ★ Support this podcast ★

Thanks Pressable for supporting the podcast! What hosting should feel like...nothing! https://pressable.com/wpminute Today's episode of The WP Minute podcast features a segment from Eric's interview with Pressable's Malcolm Peralty. Malcolm stopped by to chat about his history in the WordPress and Drupal spaces, along with some exciting new features from Pressable.  You can catch the entire interview over on our WP Minute+ channel. Visit thewpminute.com for all the details: https://thewpminute.com/ai-humanity-a-better-customer-experience/ Support our work at https://thewpminute.com/supportGet the newsletter at https://thewpminute.com/subscribe ★ Support this podcast ★

Today we are talking about the open data platform DKAN, what it's used for, and how it applies to Drupal with guests Liz Tupper & Dan Feder. We'll also cover Modern Drupal Dashboard as our module of the week. For show notes visit: https://www.talkingDrupal.com/545 Topics What Is DKAN Who Uses Open Data 20:08 DKAN Origin Story Why Drupal Fits DKAN From Distribution to Module DKAN 2 Rebuild and JSON Shift Async Jobs and API First How Teams Publish Data What a Dataset Really Is Metadata vs Data Access Why DKAN Left Drupal Org Migration Path to DKAN Four Harvesting and Data Store ETL APIs Visualizations and Bots Roadmap Data Store and AI Contributing and Where to File Issues Resources DKAN DKAN Drupal Module DKAN on GitHub Public sites using DKAN 2 DKAN channel on Drupal Slack JSON Form Widget Guests Liz Tupper - civicactions.com etupper Dan Feder - getdkan.org dafeder Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Steve Wirt - civicactions.com Swirt MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to have your Drupal site admins start with a fast, widget-based interface that surfaces key site metrics, system health, and operational insights? There's a module for that. Module name/project name: Modern Drupal Dashboard Brief history How old: created in Feb 2026 by Gaurav Kapoor (gaurav.kapoor) of werk21 in Berlin Versions available: 1.0.5, which works with Drupal core 10.3 and 11 Maintainership Actively maintained Security coverage Number of open issues: no open issues Usage stats: 4 sites Module features and usage With the module installed, site visitors with the new "Access modern dashboard" permission can access a React-based dashboard with widgets to provide insights on topics like: Content overview: total content count, published vs unpublished, and per content type breakdown. Users overview: user count per role (users with multiple roles are counted in each role), plus pie chart visualization. Additional Content (Entity overview): lists all entity types (content + configuration), shows counts, and provides direct "Manage" links. Modules overview: installed modules summary, including enabled/disabled and core/contrib breakdown. System & status: key environment details such as Drupal core version, PHP version, and database information. Health checks: displays Drupal requirement checks grouped by status (pass/warning/error) with a dedicated detail view. Each widget can be clicked to open a detail view of the extended data, making it easy for admins to dig into any area The widget-based architecture should also help to pull in data from other sources, potentially including things like analytics

Arrancamos la primavera con un episodio cargadito de noticias interesantes para los que nos dedicamos a esto de la web. NASA, Drupal, WordPress, podcasting… hay para todos. Tema del día La NASA se muda a WordPress Puede que lo hayas visto por ahí, pero si no, aquí va: la web de la NASA, nasa.gov, ha sido completamente rediseñada y migrada a WordPress. La agencia que se encargó del proyecto se llama Long Rock Point, y el motivo principal no fue un capricho estético, sino cumplir una directriz del gobierno de EE.UU. llamada IDEA Act (Ley de Experiencia Digital Integrada del Siglo XXI, de 2018), que obliga a todas las agencias del ejecutivo a modernizar sus webs cumpliendo ocho requisitos: accesibilidad, coherencia visual de marca, contenido claro, búsqueda funcional, seguridad, diseño centrado en el usuario, personalización y diseño mobile-first. La web anterior estaba hecha en Drupal 7, que salió en 2010. Actualizar a Drupal moderno no era viable porque Drupal cambió tanto del 7 al 8 que es prácticamente rehacer todo desde cero, así que optaron por WordPress con Gutenberg. Han creado bloques personalizados para cada tipo de contenido (noticias, carruseles, la famosa imagen del día…), roles de usuario muy acotados por sección, plantillas obligatorias al crear contenido nuevo, y todo alojado en WordPress VIP. Además, han integrado el chequeador de accesibilidad Editoria11y, búsqueda con Elasticsearch, y conexión con la biblioteca multimedia de la NASA a través de su API. En total, se han migrado más de 126.000 páginas y actualmente publican en ella 150 usuarios. ¿Qué ha pasado con todas las webs que estaban en Drupal 7? Esto es lo que da para reflexionar. Drupal 7 fue en su día el CMS de referencia para proyectos grandes y serios. Pero cuando Drupal decidió a partir del 8 orientarse a proyectos enterprise con estándares más complejos, muchos sitios medianos se quedaron descolgados. ¿Resultado? De las casi 827.000 webs que había en Drupal 7, el 35% se han ido a WordPress, el 28% siguen todavía en Drupal 7 sin moverse, solo un 6% han migrado a Drupal moderno, y el resto se han ido a otras plataformas o han desaparecido. Una lección sobre lo que pasa cuando un proyecto de software abandona a su base de usuarios habitual. Prestocast: el Twitter de los podcasts Joan Boluda ha lanzado Prestocast, un proyecto muy chulo que permite publicar episodios de podcast de forma ultrasencilla. Configuras un par de cosas, te crea un feed listo para subir a todas las plataformas, y a partir de ahí puedes publicar un nuevo episodio simplemente enviando un audio por Telegram. En menos de lo que tardas en bajar unas escaleras, el episodio está en Spotify y en Apple Podcasts. Eso sí, los episodios son de máximo 60 segundos, así que va perfecto para contenido corto y frecuente. OP3 y el plugin que me hice yo mismo A raíz de ver que Prestocast usaba OP3 para las estadísticas, decidí añadir el prefijo de OP3 a Potencia Pro para tener métricas más detalladas y de código abierto sobre las descargas del podcast. Fui al repositorio de WordPress a buscar un plugin que lo hiciera… y no existía ninguno. Así que, ni corto ni perezoso, me puse con Claude y construimos el plugin desde cero. Lo he enviado al repositorio oficial de WordPress.org y está pendiente de revisión (el proceso tarda lo suyo). Mientras tanto, podéis descargar la primera versión desde la sección de descargas de Potencia Pro si queréis probarlo. Solo necesitáis daros de alta en OP3, conseguir vuestro ID de podcast y la API key, meterlo en el plugin, y ya tendréis estadísticas de descargas bastante detalladas. Ayer mismo registró 1.493 descargas, que no está nada mal. Recursos mencionados nasa.gov – La web de la NASA rediseñada en WordPress Long Rock Point – La agencia que hizo el rediseño (longrock.com) IDEA Act – La directriz del gobierno de EE.UU. que motivó el cambio WordPress VIP – El hosting enterprise donde está alojada la NASA Editoria11y – Plugin de accesibilidad usado en la web de la NASA Prestocast – El proyecto de Joan Boluda para podcasting ultrarápido (prestocast.com) OP3 – Sistema de estadísticas de código abierto para podcasts (op3.dev) Plugin OP3 para WordPress – Disponible próximamente en el repo oficial; versión beta en la sección de descargas de Potencia Pro ¿No eres suscriptor? pues estás tardando, porque por sólo 2,5€ al mes tendrás acceso a todas las descargas de la intranet y lo más importante, nuestro amor. Soñaremos contigo todas las noches. Métodos de contacto Enviadnos vuestras preguntas al grupo de Telegram. Apuntaos al canal de Youtube del podcast https://www.youtube.com/potenciapro Si nos queréis decir algo directamente lo podéis hacer a @potenciapro , @materron, @mpc, o en el grupo de Telegram Y si eres muy muy muy fan del podcast Echa un vistazo a cómo nos puedes ayudar en https://potencia.pro/se-prosperoso/

Today we are talking about World Cancer Day, how they use Drupal, and why Drupal was the right choice with our guests Charles Andrew Revkin & Diego Costa. We'll also cover PDFa11y as our module of the week. For show notes visit: https://www.talkingDrupal.com/544 Topics What Is World Cancer Day Why UICC Uses Drupal Diego Joins the Project Multilingual Strategy at Scale Drupal Architecture and AI Tools Vetting AI Moderation and Summaries AI Disclosure and Review Traffic Spikes and Scaling Drupal Stack and React Apps Campaign Theme United by Unique Yearly Content and Three Year Cycle Drupal Community and Open Access Custom AI Modules and Azure Future Improvements and AI Tagging Story Submission Formats Prevention PSA and Wrap Up Resources World Cancer Day Union for International Cancer Control Guests Diego Costa - 1xinternet.com diegofcosta Charles Andrew Revkin - worldcancerday.org revkin Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Steve Wirt - civicactions.com Swirt MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to check PDF files for accessibility, as they're uploaded to your Drupal site? There's a module for that. Module name/project name: PDFa11y Brief history How old: created in Feb 2026 by Joshua Mitchell (joshuami), a friend of this podcast Versions available: 1.0.1, which works with Drupal 10.2 and 11 Maintainership Actively maintained Security coverage in process Test coverage Number of open issues: none Usage stats: 0 sites Module features and usage With the PDFa11y module installed, you can set its configuration, including whether to enable or disable automatic checking on upload, whether to block uploads that fail checks or just show warnings, a minimum PDF version requirement, and which accessibility checks to run The module also sets creates three new permissions, Administer PDF accessibility settings, Run PDF accessibility checks, and View PDF accessibility report Each PDF media item has an "Accessibility" tab where anyone with the necessary permissions can view the check results Under the hood PDFa11y uses the smalot/pdfparser library to extract data from PDF files Many sites rely on PDFs to make available content that they aren't able to migrate directly into Drupal content, so making sure that doesn't introduce its own accessibility regressions is an important step

Today we are talking about The Good and the Bad of AI , How our panel feels about AI , and you guessed it more AI with guest Scott Falconer. We'll also cover Field Widget Actions as our module of the week. For show notes visit: https://www.talkingDrupal.com/542 Topics AI and Social Isolation How We Use AI Friction and Independence Stack Overflow Debate Collaboration and Team Culture Is AI Inevitable AI Hype Meets Costs Adoption Cooling Signals Pricing Inequality Risks Open Source and PRs Requirements and LLMs Easy Tools Not Always Right Juniors Learning and Patterns Human Value and Ambiguity Losing Cognitive Endurance AI vs Social Media Uniquely Human Skills Resources Stack overflow Guests Scott Falconer - managing-ai.com scott-falconer Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Catherine Tsiboukas - mindcraftgroup.com bletch MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to enhance the Drupal content editing experience by allowing site builders to attach actionable buttons directly to field widgets on entity forms? There's a module for that. Module name/project name: Field Widget Actions Brief history How old: created in Oct 2025 by Artem Dmitriiev (a.dmitriiev) of 1x Internet, a founding member of the AI Initiative Versions available: 1.0.0-alpha1 and 1.3.0, both of which works with Drupal 10.3 and 11.1 or newer Maintainership Actively maintained Security coverage Test coverage Documentation - includes Markdown files that explain how to set up and extend its capabilities Number of open issues: 12 open issues, 4 of which are bugs Usage stats: 24 sites Module features and usage With this module installed, a site builder can attach action buttons to form fields in Drupal entity forms, for example for creating nodes or taxonomy terms What happens when you click a button depends on what processor you associate with it, and the settings you configure for the processor. Processors can be provided by other modules, like AI or ECA. For example, you could attach a button to a tags field that when clicked will send the content of the body field to an AI agent that will return a set of suggested tags. Or, you could have it trigger an ECA model for a more deterministic flow This is all done using a plugin framework implemented by Field Widget Actions, so you also create your own custom processors to be used with action buttons One of the things that got me excited about working with the team behind Augmentor AI was the approach that module used to make AI something a user would manually trigger, and then can curate before the suggestions are saved. Field Widget Actions allows that same approach to be implemented with the AI ecosystem that is growing by leaps and bounds thanks to the team involved with Drupal's AI Initiative It's worth noting that Field Widget Actions used to be a submodule of the AI project, so if you're using a version of that older than 2.0, you may already have Field Widget Actions available in your codebase

Today we are talking about Mautic, marketing automation, and its history with Drupal with guest Ruth Cheesley. We'll also cover Mautic ECA as our module of the week. For show notes visit: https://www.talkingDrupal.com/541 Topics What Is Mautic? Self-Hosting and Data Ownership Who Uses Mautic + Personalization Mautic's History with Drupal How Drupal Integrate Mautic Orchestration in Mautic Privacy & Compliance: GDPR Tools, Consent, and Do-Not-Contact Controls Hosting Options Advanced Segmentation Points-Based Lead Scoring Validating Segments Using Points to Boost Common Mautic Adoption Pitfalls Getting Support The Future with AI AI and Open Source Maintenance Mautic Sustainability & Fundraising How to Contribute Resources Mautic Mautic Integration Advanced Mautic Integration Talking Drupal #343 - Marketing Automation with Mautic Managed hosting, 40% goes to the community Mautic/Drupal case study and presentation on that from our conference https://www.youtube.com/watch?v=r0SkfeHTLK8 https://mautic.org/case-study/inagro/ GDPR cleanup jobs to remove old data Anonymization tasks to comply with specific laws (eg CCPA) Anonymize IP setting Proposal to overhaul all things privacy and streamline experience for marketers - currently seeking funding, planning to ship in Mautic 9 Mautic contribution docs Testing PRs: inlcuding local setup guide Low/no-code tasks board Thanks Dev Ecosystems Guests Ruth Cheesley - ruthcheesley.co.uk RCheesley Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Catherine Tsiboukas - mindcraftgroup.com bletch MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to integrate Mautic marketing automation into your Drupal website, using ECA? There's a module for that. Module name/project name: Mautic ECA Brief history How old: created in Jun 2025 by Abhisek Mazumdar (abhisekmazumdar) of Dropsolid Versions available: 1.0.6 which works with Drupal 10 and 11 Maintainership Actively maintained Documentation - detailed README Number of open issues: 1 open issues, which is not a bug Usage stats: 3 sites Module features and usage With the module installed, your ECA models can respond to Mautic webhooks, and can also make use of new actions to give you CRUD capabilities (Create, Read, Update, or Delete) for contacts and segments within ECA Mautic ECA declares the Mautic API module as a dependency, and you need to use it to set up an API connection, and to define any webhooks you want to use in your models It's worth noting that the maintainers of Mautic ECA also seem to be involved with a number of other modules in the Mautic API ecosystem, including Mautic Personalization, as well as Mautic Content Provider, which can expose Drupal content for use in Mautic, for example to include in emails

Join Karen Horrocks and Stephen Musgrave as they introduce the upcoming non-profit summit at DrupalCon 2026 in Chicago. In this comprehensive fireside chat, they explore how AI can be integrated to serve a nonprofit's mission, plus the dos and don'ts of AI implementation. Hear insights from leading nonprofit professionals, learn about the variety of breakout sessions available, and discover the benefits of Kubernetes for maximizing ROI. Whether you're a developer, content editor, or a strategic planner, this session is crucial for understanding the future of nonprofit operations with cutting-edge technology. For show notes visit: https://www.talkingDrupal.com/cafe015 Topics Introduction Meet Karen & Stephen Karen's Journey to Nonprofit Work Deep Dive into Drupal and Nonprofit Websites Capella's Approach to Continuous Improvement Nonprofit Summit Overview Exploring Summit Themes: AI and Resiliency Digital Sovereignty and Ethical Considerations Additional Breakout Sessions and Topics Community Engagement and Registration Details Conclusion and Final Thoughts Stephen Musgrave Stephen (he/him) is a co-founder, partner and Lead Technologist at Capellic, an agency that build and maintains websites for non-profits. Stephen is bullish on keeping things simple – not simplistic. His goal is to maximize the return on investment and minimize the overhead in maintaining the stack for the long term. Stephen has been working with the web for over 30 years. He was initially drawn to the magic of using code to create web art, added in his love for relational databases, and has spent his career building websites with an unwavering commitment to structured content. When Stephen isn't at his desk, he's often running to and swimming in Barton Springs Pool, getting a bit too wound-up at Austin FC games, and playing Legos with his little one. Karen Horrocks Karen (she/her, karen11 on drupal.org and Drupal Slack) is a Web and Database Developer for the Physicians Committee for Responsible Medicine, a nonprofit dedicated to saving and improving human and animal lives through plant-based diets and ethical and effective scientific research. Karen began her career as a government contractor at NASA Goddard Space Flight Center developing websites to distribute satellite data to the public. She moved to the nonprofit world when the Physicians Committee, an organization that she supports and follows, posted a job opening for a web developer. She has worked at the Physicians Committee for over 10 years creating websites that provide our members with the information and tools to move to a plant-based diet. Karen is a co-moderator of NTEN's Nonprofit Drupal Community. She spoke on a panel at the 2019 Nonprofit Summit at DrupalCon Seattle and is helping to organize the 2026 Nonprofit Summit at DrupalCon Chicago. Resources Nonprofit Summit Agenda: https://events.drupal.org/chicago2026/session/summit-non-profit-guests-must-pre-register Register for the Summit (within the DrupalCon workflow): https://events.drupal.org/chicago2026/registration Funding Open Source for Digital Sovereignty: https://dri.es/funding-open-source-for-digital-sovereignty NTEN's Drupal Community of Practice Zoom call (1p ET on third Thursday of the month except August and December): https://www.nten.org/drupal/notes Nonprofit Drupal Slack Channel: #nonprofits on Drupal Slack Guests Karen Horrocks - karen11 www.pcrm.org Stephen Musgrave - capellic capellic.com

Today we are talking about Acquia's Fully managed Drupal SaaS Acquia Source, What you can do with it, and how it could change your organization with guest Matthew Grasmick. We'll also cover AI Single Page Importer as our module of the week. For show notes visit: https://www.talkingDrupal.com/540 Topics Introduction to Acquia Source The Evolution of Acquia Source Cost and Market Position of Acquia Source Customizing and Growing Your Business Challenges of Building a SaaS Platform on Drupal Advantages of Acquia Source for Different Markets Horizontal Scale and Governance at Scale Canvas CLI Tool and Synchronization Role of AI in Acquia Source Agencies and Enterprise Clients AI Experiments and Content Importer AI and Orchestration in Drupal Future Innovations in Acquia Source Resources Acquia source Nebula Guests Matthew Grasmick - grasmash Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Catherine Tsiboukas - mindcraftgroup.com bletch MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to use AI to help map various content on an existing site to structured fields on Drupal site, as part of creating a node? There's a module for that. Module name/project name: AI Single Page Importer Brief history How old: created in Jan 2026 by Mark Conroy (markconroy) who listeners may know from his work on the LocalGov distribution and install profile Versions available: 1.0.0-alpha3, which works with Drupal core 10 or 11 Maintainership Actively maintained Documentation - pretty extensive README, which is also currently in use as the project page No issues yet Usage stats: 2 sites Module features and usage With this module enabled, you'll have a new "AI Content Import" section at the top of the node creation form. In there you can provide the URL of the existing page to use, and then click "Import Content with AI". That will trigger a process where OpenAI will ingest and analyze the existing page. It will extract values to populate your node fields, and then you can review or change those values before saving the node. In the configuration you can specify the AI model to use, a maximum content length, an HTTP request timeout value, which content types should have the importer available, and then also prevent abuse by specifying blocked domains, a flood limit, and a flood window. You will also need to grant a new permission to use the importer for any user roles that should have access. The module also includes a number of safeguards. For example, it will only accept URLs using HTTP or HTTPS protocols, private IP ranges are blocked, and by default it will only allow 5 requests per user per hour. It will perform HTML purification for long text fields, and strip tags for short text fields. In addition, it removes dangerous attributes like onclick or inline javascript, and generates CKEditor-compatible output. It currently supports a list of field types that include text_long, text_with_summary, string, text, datetime, daterange, timestamps and link fields. It also supports entity reference fields, but only for taxonomy terms. Listeners may also be aware of the Unstructured module which does some similar things, but requires you to use an Unstructured service or run a server using their software. So I would say that AI Single Page Importer is perhaps a little more narrow in scope but works with an OpenAI account instead of requiring the less commonly used Unstructured.

Join AmyJune and Avi as they discuss the complexities of organizing large events in changing times. The discussion covers topics from past DrupalCons, the crucial coordination behind community health and safety, accessibility, and the evolving challenges involving inclusivity. They also touch on the intersection of community dynamics, the importance of creating shared realities, and the engaging experience of the Drupal community. Additionally, expect an overview of upcoming events, including keynotes and fun activities like the Drupal Coffee Exchange. For show notes visit: https://www.talkingDrupal.com/cafe014 Topics Catching Up with AmyJune and Avi Memories of DrupalCon and Camps The $2 Bill Tradition Open Y and Community Contributions Community Working Group and Governance Initial Reactions and Reflections Challenges of Organizing DrupalCon Accessibility and Safety Concerns Event Planning and Community Involvement Learning from Other Events Upcoming Keynote and Event Highlights Community and Collaboration AmyJune Hineline AmyJune works with the Linux Foundation as the Certification Community Architect, supporting the Education team in developing and maintaining exams and related documentation across the foundation's certification portfolio. She's also a DrupalCamp organizer (Florida DrupalCamp, DrupalCamp Asheville, and DrupalCamp Colorado), a member of the Community Working Group's Conflict Resolution Team, and serves on the board of the Colorado Drupal Association. Avi Schwab Avi came to Drupal for the community and has been active in it since 2008. He is a founding organizer of MidCamp, Midwest Open Source Alliance, and the Event Organizer Working Group. In his role as a Technical Product Consultant at ImageX Media, he builds and supports Drupal sites for over 40 YMCA associations in the USA and Canada. For fun, he bikes, bakes, and enjoys time with his family. Guests AmyJune Hineline - volkswagenchick Avi Schwab - froboy

Today we are talking about EvolveDigital, What it is, and how it started in Drupal with guest Maya Schaeffer. We'll also cover Drupal CMS 2.0 as our module of the week. For show notes visit: https://www.talkingDrupal.com/539 Topics Comparing Drupal and WordPress Evolve Digital Summit Insights Marketing and Drupal Integration Evolve Digital and CMS Comparisons Summit Structure and Networking Speaker Selection and Outreach Balancing Content and Community Lessons from Different Cities Future Plans and New Formats Resources EvolveDigital Drupal CMS documentation Decoupling Content & Frontend Nika Karliuchenko, John Picozzi, Pete Navarra Drupal Canvas Webinar Guests Maya Schaeffer - evolvedigital.com mayalena Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Catherine Tsiboukas - mindcraftgroup.com bletch MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Do you want to start your next Drupal site using a variety of best practices, including Canvas for page layouts, or site templates for an opinionated architecture out of the box? Then the recently released Drupal CMS 2.0 could be just what you need. Module name/project name: Drupal CMS Brief history 2.0 release was created by phenaproxima less than a week ago, and requires Drupal 11.3 Maintainership Actively maintained Security coverage Test coverage Documentation guide linked in the show notes 145 issues on the development project, 24 of which are bugs Usage stats: No direct way to track, but drupal_cms_helper was added as a dependency late in the Drupal CMS 1.x cycle, so the fact that it has been installed 3,780 times likely indicates that Drupal CMS has been installed several thousand times at a minimum Module features and usage The biggest change in Drupal CMS 2 is the addition of Canvas for creating and managing layouts. We talked about Drupal Canvas in depth back in episode #518 so I won't go into too much detail here, but having it set up for you as an out-of-the-box feature is a big benefit Drupal CMS 1.0 included a carefully curated content architecture, including some optional recipes for additional capabilities. With version 2, the intent is for site templates to be the source of the content architecture. I'm sure we'll be hearing a lot more about site templates, including a marketplace where people can find them, in the coming and in particular with DrupalCon Chicago fast approaching Drupal CMS 2.0 also ships with much more sophisticated AI capabilities. There's a dedicated Canvas AI that can be used to generate and populate entire layouts, as well as generating code components, based on a user's prompt. And listeners may remember the demo in the Vienna Driesnote of using the Context Control Center to automatically create drafts of content updates when marketing information changes And of course, starting with Drupal core 11.3 means you'll get all the performance and other improvements in the latest version