A critical authentication vulnerability was identified in cPanel & WHM that had the potential to allow unauthorised access to control panel services.
As a precaution, access to cPanel, WHM, Webmail and related services was temporarily restricted across affected servers while a vendor patch was developed. Importantly, there was no impact to websites, email delivery, or customer data.
Once the official patch was released, it was promptly deployed across all supported systems. Temporary access restrictions were then safely removed.
For a small number of legacy systems unable to be updated, additional server-level protections have been applied. These systems remain secure, with access limited to trusted connections. Customers using these environments are being contacted with upgrade options.
At all times, the focus remained on protecting customer systems while restoring normal access as quickly and safely as possible.