Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was exploited to install malware with DDoS capabilities (Linux/ChachaDDoS) on victims’ web servers.
Read full news article on Help Net Security