Hackers are exploiting a known critical vulnerability in the Web Control Panel web hosting interface. The unauthenticated remote code execution flaw was patched in October 2022; users are urged to update to version 0.9.8.1147 or later. More info https://seclists.org/fulldisclosure/2023/Jan/1
