Mass VPS Provider Breach Exposes Critical Virtualizor Flaw, Thousands of Servers Compromised - Cyber Kendra

VPS ransomware attack hits CloudCone, HostSlick via Virtualizor vulnerability. Customer data was permanently lost. According to discussions in the LowEndTalk community, attackers leveraged vulnerabilities in how Virtualizor's billing panel plugin communicates with its API, enabling them to execute unauthorised commands across connected virtual machines without triggering standard security alerts like SSH logs.