CPanel's Black Week: 3 New Vulnerabilities Patched After Attack on 44k Servers

operatingthetan

People are still using cpanel?

anonzzzies

CPanel and hosters who use them are in big trouble now; there are millions of servers running them, many of them for decades. Their clients can run code as an user without much sandboxing/guardrails at all.

zuzululu

Ages ago I used php-nuke to manage my forum and it got hacked and I thought it would get taken seriously Seeing these CPanel hacks remind me how old these codebases are and how much more vulnerability remain

eagerpace

Wow, similar sentiments about this being a throw back. I’d rather roll my own almost everything these days, may not be as good, but certainly won’t be targeted exploited broadly.

rickdg

Friendly reminder that there aren't that many ways for a normie to create their own (sub)domain with TLS and an email in under five minutes. That's cPanel for ya.

zb3

"AI safeguards" are not working I guess.. or maybe they're only working against those who'd like to secure their software.. good job Anthropic + OpenAI!

josu

So CPanel's security is just as bad as their UI, who would have thought?

0xbadcafebee

44,000 servers compromised? Sounds like somebody could've used a software building code

echelon

> CPanel Now there's a name I haven't heard since the 2005 or so era. How is that thing still around? Next you're going to tell me people still run phpBB and vBulletin somewhere. And use FileZilla FTP. And manage their database with phpMyAdmin.