Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider - scanx.trade
scanx.tradeArchived Jun 24, 2026✓ Full text saved
Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider scanx.trade
Full text archived locally
✦ AI Summary· Claude Sonnet
ScanXNewsPanorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider
Panorama Studios International Discloses Cybersecurity Incident at Third-Party Service Provider
2 min read Updated on 07 May 2026, 04:53 PM
Reviewed by
Suketu GScanX News Team
Add as a preferred
source on Google
AI Summary
Panorama Studios International disclosed a cybersecurity incident at its third-party hosting and email service provider to the Bombay Stock Exchange on 07 May 2026, under Regulation 30 of SEBI's LODR Regulations. The breach stemmed from a critical zero-day vulnerability, CVE-2026-41940, affecting cPanel/WHM servers, which was exploited despite the service provider implementing recommended security updates. The attacker deleted database and historical backup data, rendering certain data partially or wholly unrecoverable, while the company's website was taken offline and email services were disrupted. The company clarified that its internal IT infrastructure was not affected and that it is coordinating with the service provider on restoration and remediation efforts.
powered by
*this image is generated using AI for illustrative purposes only.
Panorama Studios International has filed a disclosure with the Bombay Stock Exchange under Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, informing stakeholders of a cybersecurity incident at a third-party service provider responsible for hosting and managing the company's official email systems and website. The disclosure, dated 07 May 2026, was signed by Company Secretary Yatin Chaphekar.
Nature of the Cybersecurity Incident
The incident originated from a critical zero-day vulnerability, identified as CVE-2026-41940, which affects servers running the latest versions of cPanel/WHM. The vulnerability was disclosed by cPanel on 30 April 2026, with the advisory noting that it could potentially allow unauthorized access to hosting control panels, resulting in modification or deletion of user data. The company received a communication dated 07 May 2026 from the service provider detailing the sequence of events.
According to the service provider's communication, despite the immediate implementation of recommended security updates and mitigation measures upon receiving the advisory, the hosting infrastructure was subjected to a sophisticated cyberattack. The attacker gained unauthorized access and severely damaged user data and services. Multiple suspicious files were also identified on certain user accounts.
Impact on Data and Operations
The following table summarises the key details of the incident as disclosed:
Parameter: Details
Vulnerability ID: CVE-2026-41940
Affected Software: cPanel/WHM (latest versions)
Vulnerability Disclosed By: cPanel on 30 April 2026
Communication Received: 07 May 2026
Services Affected: Official email systems and company website
Data Impact: Partial or no recovery possible for certain data
Backup Status: Historical backup data deleted by attacker
The attacker allegedly deleted database server data as well as historical backup data from the compromised environment, thereby restricting restoration from backup sources. As a result, certain data may only be partially recoverable or may not be recoverable at all. The service provider has since migrated all remaining recoverable data to a new server environment, as the compromised server was no longer considered secure or trustworthy.
Company's Clarifications and Precautionary Measures
Panorama Studios International has provided the following clarifications regarding the incident:
The incident occurred at the level of the external service provider and not within the company's internal IT infrastructure.
The company is in continuous coordination with the service provider to assess the nature and extent of the incident.
The impact on the company's data and operations is currently being evaluated.
As precautionary measures, the following steps have been taken:
The company's website has been temporarily taken offline.
Email communications may be disrupted or unreliable during this period.
Stakeholders have been advised to exercise caution and verify any communication claiming to be from the company until further notice.
Ongoing Remediation and Next Steps
The service provider is currently undertaking restoration and remediation measures, with efforts underway to recover website data from alternative resources. Panorama Studios International has also stated that it is reviewing additional safeguards to mitigate such risks. The company has committed to keeping the stock exchange informed of any further material developments in this regard. A copy of the communication received from the third-party service provider has been enclosed as Annexure – A with the regulatory filing.
Historical Stock Returns for