blackorbird
Urgent Alert! Multiple VPS Providers Hit by Ransomware Attacks – Back Up Data Immediately to Avoid Loss On February 1, 2026, urgent news emerged in the security community: due to a critical vulnerability in the Virtualizor management panel (including the integrated WHMCS plugin), a large number of VPS providers have become targets of ransomware attacks. Several platforms have already reported data damage, and users of relevant services must back up their data immediately. The source of the attack has been identified as a security vulnerability in the Virtualizor management panel, which allows hackers to gain administrator privileges and directly control virtual machines or servers. Currently confirmed affected providers include CloudCone, HostSlick, and OuiHeberg: some node data in CloudCone’s Los Angeles data center is irrecoverable, requiring users to restore it via their own backups; over 25% of HostSlick’s servers have been infected, while Virtualizor’s developer has not yet acknowledged the vulnerability. In addition, ColoCloud, Virtono, SolidSEOVPS, Naranjatech, and 4 other providers using the same management panel and plugin are all in high-risk status, with their users facing the risk of data loss. Core Security Recommendations 1. Users of the aforementioned affected providers: Immediately package all VPS data and download it to local devices for double protection. 2. Other users: Maintain regular backup habits and treat backups as safety insurance to address potential risks. 3. Database users: Write scheduled backup scripts (recommended hourly), sync backup files to local devices or third-party cloud storage, and avoid impacts on business performance during backups. Data security is no trivial matter. Timely backups are the key to defending against ransomware attacks, preventing irreparable losses caused by data loss.