For people with encrypted files please see this post: cyberpanel 0day leaked attack script · GitHub
This post will be updated with more information as we get it.
If anyone is still using Centos 7 or can not get SSH access to the server, you can try this manual patch.
Update the infected file
Once you get access to your server in rescue mode you can edit the following file
/usr/local/CyberCP/databases/views.py
Now update the content of this file with with content from our latest patched version. Which you can find here: https://raw.githubusercontent.com/usmannasir/cyberpanel/refs/heads/v2.3.8/databases/views.py
Please also read: Detials and fix of recent security issue and patch of CyberPanel