BleepingComputer reports that almost all of the 21,761 internet-exposed CyberPanel instances impacted by a critical remote code execution flaw have been disrupted following a massive PSAUX ransomware attack.Most of the vulnerable CyberPanel implementations, which could be taken over using the security issue, were in the U.S., followed by Germany, Singapore, Indonesia, and India, according to threat intelligence search engine LeakIX. Attacks conducted as part of the campaign involved a pair of scripts, with one for CyberPanel bug exploitation and the other for file encryption. However, PSAUX's file encryption script had a weakness that enabled LeakIX to develop a decryptor for files compromised by the ransomware. Organizations with affected CyberPanel instances have been urged to immediately download the latest version of the software from GitHub that resolves the RCE, which is yet to be given a Common Vulnerabilities and Exposures designation.
Ransomware, Vulnerability Management
Thousands of vulnerable CyberPanel instances taken down in PSAUX ransomware attack
(Adobe Stock)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds