Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

Published: 1 week ago (May 4, 2026 at 05:27 AM EDT)

1 min read

Source: The Hacker News

Overview

A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel.

The activity, detected by Ctrl‑Alt‑Intel on May 2, 2026, involves the…

Back to Blog

2026: The Year of AI-Assisted Attacks

On December 4, 2025, a 17‑year‑old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the...

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

Operation Overview A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam cent...

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Overview Google has addressed a maximum‑severity security flaw in Gemini CLI – the @google/gemini-cli npm package and the google-github-actions/run-gemini-cli...

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python pac...

Overview

Related posts

2026: The Year of AI-Assisted Attacks

Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure