blackorbird
Virtualizor has released the technical details regarding the recent wave of attacks on Cloudcone, HostSlick, and others. The breach was not a direct software exploit, but a session hijacking attack on their support ticket system. Attackers gained access to approximately 1,500 tickets where providers had carelessly sent plain-text root credentials via email instead of using secure forms. The compromised providers were vulnerable because they failed to rotate these passwords after support cases were resolved - some credentials were over a year old - and did not have IP whitelisting enabled for their Admin Panels or SSH. Virtualizor is urging all admins to immediately rotate any root passwords previously shared in tickets and to restrict Admin Panel access to trusted IPs only. Source: Hosteroid on LET
blackorbird
Urgent Alert! Multiple VPS Providers Hit by Ransomware Attacks – Back Up Data Immediately to Avoid Loss On February 1, 2026, urgent news emerged in the security community: due to a critical vulnerability in the Virtualizor management panel (including the integrated WHMCS
