Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
04 May 2026
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel.
The activity, detected by Ctrl-Alt-Intel on May 2, 2026, involves the