Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Bleeping Computer

cPanel 2FA bypassed in minutes via brute-force attacks

A security flaw in the cPanel web hosting control panel allows attackers to circumvent two-factor authentication (2FA) checks via brute-force attacks for domains managed using vulnerable cPanel & ...

Root attacks on Cisco Catalyst SD-WAN Manager and cPanel plugin LiteSpeed

Attackers are targeting Cisco Catalyst SD-WAN Manager and cPanel instances with the LiteSpeed plugin. However, attacks are ...
Hosted on MSN

New cPanel patch addresses CRLF injection flaw that could grant root server access

New critical severity vulnerability allows for authentication bypass The vulnerability affects cPanel and WebHost Manager Attackers can gain full root administrator privileges over any server ...
heise online

Security Patch: Security vulnerabilities in cPanel and WHM closed again

The web server and management software cPanel and WebHost Manager (WHM) are once again vulnerable. In the worst case, malicious code can get onto systems and compromise them. Admins should install the ...