CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs Jun 24, 2026

Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider - scanx.trade

scanx.trade Archived Jun 24, 2026 ✓ Full text saved

Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider scanx.trade

Full text archived locally
✦ AI Summary · Claude Sonnet


    ScanXNewsPanorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider 2 min read     Updated on 07 May 2026, 04:53 PM Reviewed by Suketu GScanX News Team Add as a preferred source on Google AI Summary Panorama Studios International disclosed a cybersecurity incident at its third-party hosting and email service provider to the Bombay Stock Exchange on 07 May 2026, under Regulation 30 of SEBI's LODR Regulations. The breach stemmed from a critical zero-day vulnerability, CVE-2026-41940, affecting cPanel/WHM servers, which was exploited despite the service provider implementing recommended security updates. The attacker deleted database and historical backup data, rendering certain data partially or wholly unrecoverable, while the company's website was taken offline and email services were disrupted. The company clarified that its internal IT infrastructure was not affected and that it is coordinating with the service provider on restoration and remediation efforts. powered by *this image is generated using AI for illustrative purposes only. Panorama Studios International has filed a disclosure with the Bombay Stock Exchange under Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, informing stakeholders of a cybersecurity incident at a third-party service provider responsible for hosting and managing the company's official email systems and website. The disclosure, dated 07 May 2026, was signed by Company Secretary Yatin Chaphekar. Nature of the Cybersecurity Incident The incident originated from a critical zero-day vulnerability, identified as CVE-2026-41940, which affects servers running the latest versions of cPanel/WHM. The vulnerability was disclosed by cPanel on 30 April 2026, with the advisory noting that it could potentially allow unauthorized access to hosting control panels, resulting in modification or deletion of user data. The company received a communication dated 07 May 2026 from the service provider detailing the sequence of events. According to the service provider's communication, despite the immediate implementation of recommended security updates and mitigation measures upon receiving the advisory, the hosting infrastructure was subjected to a sophisticated cyberattack. The attacker gained unauthorized access and severely damaged user data and services. Multiple suspicious files were also identified on certain user accounts. Impact on Data and Operations The following table summarises the key details of the incident as disclosed: Parameter: Details Vulnerability ID: CVE-2026-41940 Affected Software: cPanel/WHM (latest versions) Vulnerability Disclosed By: cPanel on 30 April 2026 Communication Received: 07 May 2026 Services Affected: Official email systems and company website Data Impact: Partial or no recovery possible for certain data Backup Status: Historical backup data deleted by attacker The attacker allegedly deleted database server data as well as historical backup data from the compromised environment, thereby restricting restoration from backup sources. As a result, certain data may only be partially recoverable or may not be recoverable at all. The service provider has since migrated all remaining recoverable data to a new server environment, as the compromised server was no longer considered secure or trustworthy. Company's Clarifications and Precautionary Measures Panorama Studios International has provided the following clarifications regarding the incident: The incident occurred at the level of the external service provider and not within the company's internal IT infrastructure. The company is in continuous coordination with the service provider to assess the nature and extent of the incident. The impact on the company's data and operations is currently being evaluated. As precautionary measures, the following steps have been taken: The company's website has been temporarily taken offline. Email communications may be disrupted or unreliable during this period. Stakeholders have been advised to exercise caution and verify any communication claiming to be from the company until further notice. Ongoing Remediation and Next Steps The service provider is currently undertaking restoration and remediation measures, with efforts underway to recover website data from alternative resources. Panorama Studios International has also stated that it is reviewing additional safeguards to mitigate such risks. The company has committed to keeping the stock exchange informed of any further material developments in this regard. A copy of the communication received from the third-party service provider has been enclosed as Annexure – A with the regulatory filing. Historical Stock Returns for
    💬 Team Notes
    Article Info
    Source
    scanx.trade
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Jun 24, 2026
    Archived
    Jun 24, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗