Just imagine waking up one morning, getting into your hosting control panel, and seeing a site you never installed. That's what many people just woke up to. Why? Because Softaculous was hacked in 2025. That is not a small issue—it is a big one. Let's break it down in plain language.
Hackers found a flaw in the Softaculous update process. Instead of keeping things safe, it invited trespassers. They took advantage of the flaw to:
What Went Wrong?
This year, a number of web hosts started noticing irregularities with Softaculous. Sites were installed automatically by someone unknown. So, what really happened?Hackers found a flaw in the Softaculous update process. Instead of keeping things safe, it invited trespassers. They took advantage of the flaw to:
- Install unwanted websites (like WordPress).
- Push weird scripts onto websites.
- Change admin passwords secretly.
Why Did This Happen?
This is the horrific part—Softaculous had already made a patch available for the problem. But many servers didn't get to install it in time. Why not?- Many admins forgot to update.
- Other admins disabled auto-updates due to past problems.
What's on the Line?
So, what is a hacker going to accomplish? Sadly, a lot.- You can lose your control panel data.
- Database passwords may be exposed.
- Stored FTP passwords can be disclosed as well.
So, What Steps You Need to Take Immediately?
Do not wait for your host to notify you. Do these now:- You can update Softaculous to its latest version.
- Update all your passwords such as cPanel, FTP, database and I believe for all of them.
- Its important to scan your server with appropriate tools for malware at regular interval.
- Always you need to find out unknown sites that were installed through Softaculous.
- You must enable notifications for file changes or logins.
