Drupal has recently patched a critical remote code execution exploit SA-CORE-2018-002/CVE-2018-7600. This vulnerability may result in Drupal sites to be completely compromised.
Imunify360 protects against this vulnerability using built-in Web Application Firewall (WAF) as well as the intelligent botnet protection. Our team has pushed out updates where we improved rules and performance, and decreased false positive rate. We have added a rule CVE-2018-7600 to our database to detect and block suspicious requests. While we always recommend updating the vulnerable software, we are happy to secure your sites until you have a chance to do so.
According to the Drupal Security Team, this is a highly critical (score 21/25) issue affects Drupal 8, 7, and 6 sites. More information on this vulnerability and updates can be found at this Drupal Advisory: https://www.drupal.org/sa-core-2018-002.