And the cunt uses it as an advertising opportunity to show everyone he is using a nulled cPanel and the nulled licenses he sells and use is up-to-date.

(Quote)

* Do you have a complete list of all the cPanel "options" that you have available?

Are nulled services supposed to mean fully outdated cPanel too? 😄

Lmao, what? How do you lose access to your own billing support panel (I suppose they mean WHMCS)? I mean, sure, the hackers may temporarily change the admin password or whatever. But any semi-serious

Good question. Aside of pure bullshit maybe a rootkit on an admin PC or massive password/key reuse? Your guess is as good as mine.

cPanel has updated the documentation with a detection bash script, to help look for indicators of compromise: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel

from their cpanel shared hosting i got smtp issue, no response more then 24 hour +

Now that (what they are writing) makes little to no sense... On one hand they claim to have no user database anymore but then there's seemingly enough information to map servers (at least in one locat

@MAXKO_Hosting, I think you are using these licenses in your hosting plans. I just checked the demo cPanel on your website and used IP verification from cPanel's website using the IP from your demo cP

an email from [email protected] to reset your password. Those who do not reset their password will have their server suspended. We are not charging for services at all next month. Sorry for

Patches released: https://support.cpanel.net/hc/en-us/articles/40073787579671-Critical-Vulnerability-with-cPanel-WHM-Login-Authentication

Well, if you want to wake up to even more work from a compromised server, then it's probably best you follow the advise cPanel have given.

It certainly does seem like a fast moving situation, likely discovered externally and thus prompting an emergency response. cPanel patch security issues regularly but most don't get anywhere near the

Why the current solution is just adding cPanel ports itself? Tcp 2083 2087 is important duh.

cPanel has now updated their temporary guidance -- in addition to blocking earlier mentioned ports, they are recommending stopping cpsrvd and cpdavd services altogether as a precaution.

The cPanel documentation has been updated to include webmail ports too: https://support.cpanel.net/hc/en-us/articles/40073787579671-Critical-Vulnerability-with-cPanel-WHM-Login-Authentication

Nasty! We've disabled cPanel/WHM/Proxy Subdomains per their advise in the mean time.

Yes, we noticed that too and brought it to the cPanel's team attention. They just updated their documentation a few minutes ago in light of this feedback.

Heads up for anyone running cPanel & WHM environments -- you may want to temporarily block ports 2083/2087 ASAP.