Critical cPanel vulnerability under active attack allows full server hijacking
By
Zack Whittaker
1mo ago· 3 min readenNews
90/100
Golden Brown
Bagelometer↗
Pure flour-power. Hearty enough to carry you through lunch.
Score90TypenewsSentimentnegative
Summary
Security researchers have discovered a critical vulnerability in cPanel and WebHost Manager (WHM), widely used web server management software serving tens of millions of websites. The bug allows hackers to hijack and take full control of affected servers. While many commercial web hosting companies have already patched their systems, cPanel's maker urges all customers to ensure their systems are updated, as the vulnerability affects all supported versions. The bug is under active exploitation, with one company reporting hackers have been abusing it for months.
Key quotes
· 5 pulledSecurity researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM).
The bug allows hackers to hijack and take full control of the servers running the affected software, which is thought to be used by tens of millions of website owners around the world.
The cPanel maker urged customers to ensure that their systems are patched as the bug affects all supported versions of the software.
Web hosts are scrambling to fix the bug under active attack by hackers.
One company said hackers have been abusing the bug for months.
Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
