u/marketingprodxb

April 28th, 2026, cPanel was exposed to a vulnerability. Since then, about 2 million web servers around the globe were attacked. We lost our company website to this attack as the malware damaged our web files plus all the cPanel backups. +25 years of data, gone. And now we'll have to start from scratch because our lazy IT department never took offline backups just to save some money.

If anyone of you are working as a web developer or IT admin that are suppose to manage hosting servers, take offline backups of your websites because this malware is targetting cPanel backups too.

This post was just for the heads-up.

This recent vulnerability has wiped out our entire website and corrupted all the backups. Can someone guide us what can we do now?

Update: As some other people who experienced same situation and were asking in DM, we formatted our server and now starting from scratch again. There is no other way around.

Lesson learnt: setup offline backups.