Fraudsters launched a new phishing attack in which they sent out a fake cPanel advisory warning recipients about fabricated security vulnerabilities.
On August 5, cPanel and WebHost Manager (WHM) users began reporting of having received a fake advisory that appeared to have originated from the company.
The fake advisory informed recipients that cPanel had released new builds to address a series of security vulnerabilities affecting cPanel and WHM installations 88.0.3+, 86.0.21+ and 78.0.49+.
To add a sense of legitimacy, the attackers incorporated cPanel’s logo into their email. But they didn’t stop there. As Bleeping Computer noted in its coverage of the attack: