Unknown Threat Actor Exploits Critical cPanel Vulnerability Targeting Government and Military Entities

A previously unknown threat actor has exploited a recently disclosed critical vulnerability in cPanel to target government and military entities in Southeast Asia, as well as managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S. The activity was detected by cybersecurity firm Ctrl-Alt-Intel on May 2, 2026. No specific CVE identifier or technical details of the vulnerability were provided in the report. The attacks focus on compromising networks through the cPanel flaw, though the exact impact remains unspecified. The campaign highlights a coordinated effort to breach high-value targets across multiple regions.