cPanel | Breaking Cybersecurity News | The Hacker News

As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware, such as the  SystemBC  trojan and  DCRat , to enable various stages of their operations," Cisco Talos researcher Vanja Svajcer said in a report shared with The Hacker News. The malicious implant in question, ModernLoader , is designed to provide attackers with remote control over the victim's machine, which enables the adversaries to deploy additional malware, steal sensitive information, or even ensnare the computer in a botnet. Cisco Talos attributed the infections to a previously undocumented but Russian-speaking threat actor, citing the use of off-the-shelf tools. Potential targets included Eastern Eur

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account. The issue, tracked as "SEC-575" and discovered by researchers from  Digital Defense , has been remedied by the company in versions 11.92.0.2, 11.90.0.17, and 11.86.0.32 of the software. cPanel and WHM (Web Host Manager) offers a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing system and control panel maintenance. To date, over  70 million domains  have been launched on servers using cPanel's software suite. The issue stemmed from a lack of rate-limiting during 2FA during logins, thus making it possible for a malicious party to repeatedly submit 2FA codes using a brute-force approach and circumvent the authentication check. Digital D

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

cPanel is a Unix based  fully featured popular web based hosting account control panel that helps webmasters to manage their domains through a web browser. The latest version of  cPanel & WHM is 11.34, which is  v ulnerable  to multiple cross site scripting. During my bug hunting process, today I ( Christy Philip Mathew )  discovered some serious XSS v ulnerabilities in  official cPanel, WHM. It also impact on the  latest version of software. This week, Rafay Baloch (Pakistani white hat hacker) also discovered another reflective cross site scripting vulnerability in  cPanel at manage.html . The interesting part would be the whole demonstration I done with the Official cPanel Demo located at https://cpanel.net/demo/ location, can be accessed via demo user & password provided by cPanel website itself i.e.  https://demo.cpanel.net:2086/login/?user=demo&pass=demo These  vulnerabilities actually affect the logged in users. Proof of Concept and screenshots are as shown below: