cPanel has patched a security vulnerability that could have allowed attackers to bypass 2FA protection. The issue stemmed from a lack of rate-limiting during 2FA during logins. The vulnerability has been fixed by the company in versions 11.92.0.2, 11.90.17, and 11.86.32 of the software. It’s recommended that cPanel customers apply the patches to mitigate the risk associated with the flaw. Back in July, Zoom fixed a security loophole that allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform.
Source: https://thehackernews.com/2020/11/2-factor-authentication-bypass-flaw.html