On February 20, 2023, several news articles were published regarding a compromise in the security, or “hacking,” of GoDaddy’s shared hosting servers that resulted in the distribution of malware. Despite some of these articles including cursory references to cPanel, there is no indication that the incident in any way pertained to cPanel beyond that fact that the compromised servers do have cPanel installed, amongst multiple other software.
In response to these news stories, we have proactively conducted a thorough security review and found no existing vulnerabilities within cPanel related to this incident. We encourage all software manufacturers to do the same, as online security is a responsibility shared by all.
To be clear, the security compromises and malware attacks currently being reported within GoDaddy’s shared hosting environment are in no way related to, or caused by, any exploit or vulnerability within cPanel to our knowledge.
As industry leaders we understand the devastating results that can potentially occur when those with malicious intent set out to take destructive action. We will continue to monitor the situation and issue any updates as needed.