A week in security (April 27 – May 3)

A significant vulnerability in cPanel, a popular web hosting control panel, has been actively exploited by attackers, putting millions of websites at risk of takeover. The bug, which has not been publicly disclosed with a CVE number, highlights the importance of keeping software up to date. Meanwhile, hackers have stolen hundreds of thousands of Roblox accounts, and PayPal emails continue to be hijacked to deliver tech support scams. Microsoft has also decided not to patch the PhantomRPC feature, leaving its classification as a feature or bug unclear. Researchers have built a chatbot with limited knowledge, and Malwarebytes has integrated its scam-checking capabilities into Claude. A new fake CAPTCHA scam has emerged, which can lead to costly phone bills. State-aligned activity involving Microsoft has shifted the threat model, requiring a different approach to cybersecurity¹. This matters to practitioners because the evolving threat landscape demands a proactive and adaptive response to emerging risks.