The company behind cPanel has said that one of its servers has been compromised, and suggests that anyone who has filed a support request in the past six months should seriously consider changing the passwords on their servers and (if possible) regularly rotating their SSH keys.

• Ars Technica: Server hack prompts call for cPanel customers to take “immediate action”

Update

cPanel has issued an update with some explanation of the incident, and instructions detailing how to tell if your server is affected. Another post on this topic has indicated that the hackers used their access to install trojans and rootkits.

• cPanel: cPanel, Inc. Announces Additional Internal Security Enhancements
• H-Online: Hacker break-in at cPanel saw SSH trojans deployed