Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Hosted on MSN

A critical flaw in cPanel has been a wide-open backdoor since February — 44,000 servers are already encrypted with 'Sorry' ransomware

A single missing authentication check in cPanel, the control panel that underpins millions of shared hosting accounts worldwide, has given ransomware operators a direct path to encrypt entire servers ...
Bleeping Computer

Compromised Site Management Panels are a Hot Item in Cybercrime Markets

Threat actors are openly advertising access to hacked websites as part of the underground economy. One of the most promising products is a compromised cPanel credential. They are sold in the thousands ...
Morning Overview on MSN

CPanel’s state-backed attackers are now targeting government servers in Southeast Asia and military networks in the Philippines

Somewhere on a rack in a government data center in Southeast Asia, a cPanel login screen is almost certainly still waiting for a patch that should have been applied weeks ago. That delay is exactly ...
heise online

cPanel/WHM: Unauthorized access to web server configuration tool possible

Attackers can exploit a “critical” security vulnerability in the cPanel and WebHost Manager (WHM) web server administration software to gain unauthorized access. So far, there are no reports of ...
IT News For Australia Business

cPanel drops patches for exploited authentication bypass zero-day

Web hosting software vendor cPanel has issued patches for a critical vulnerability in its software that is under exploitation and that allows attackers to bypass authentication. The flaw, indexed as ...