No need to defend cPanel, nor was there any suggestion of any fault nor criticism of cPanel; it was only a 'heads up' that it looked like there was an emerging trend for malware to be hidden in that folder (which is often not seen unless one has made the effort to show hidden files, and even less likely to be regularly inspected). Perhaps hidden files should be enabled by default, with an option to hide them?
I also wonder if it might be a good idea to have the AutoSSL system generate a security.txt file as recommended, with at least the email address of the cPanel account filled in.
I can't imagine having the user's email address placed in a publicly accessible file (at least without explicit permission, and sometimes I wonder if that's even enough - people will click anything) being a very good idea.
Basically, if files are being written into the .well-known folder (or any folder) without the account owner's knowledge... that's a security issue and means there's a security issue that the account owner (or web hosting provider, if they are completely managing the account?) would need to rectify.
I don't really see much of the point of this "news" release. They might as well have headlined this as "WARNING: If you have a website you are at risk of potentially hosting a phishing site".
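
The thread's point that the hidden .well-known folder is rarely inspected can be turned into a routine check. The following is an added example, not code from any poster or from cPanel: it lists entries under a document root's .well-known folder that fall outside an allowlist. The allowlist, the extension list and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed allowlist of entries the owner expects directly under .well-known;
# adjust per site. Anything else is reported for review.
EXPECTED = {"acme-challenge", "pki-validation", "security.txt"}
# Assumed list of extensions that have no business in a validation directory.
SCRIPT_EXT = {".php", ".phtml", ".cgi", ".pl", ".py", ".sh", ".html", ".htm", ".js"}


def audit_well_known(docroot, expected=EXPECTED):
    """Return sorted (relative_path, reason) findings under docroot/.well-known."""
    base = os.path.join(docroot, ".well-known")
    findings = []
    if not os.path.isdir(base):
        return findings
    # os.walk does not follow symlinks by default, so the scan stays in docroot.
    for dirpath, dirnames, filenames in os.walk(base):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, base)
            top = rel.split(os.sep)[0]
            ext = os.path.splitext(name)[1].lower()
            if top not in expected:
                findings.append((rel, "unexpected entry"))
            elif os.path.isfile(full) and ext in SCRIPT_EXT:
                findings.append((rel, "script or page inside validation directory"))
    return sorted(findings)


def demo():
    """Build a constructed document root and audit it."""
    with tempfile.TemporaryDirectory() as root:
        wk = os.path.join(root, ".well-known")
        for d in ("acme-challenge", "pki-validation", "login"):
            os.makedirs(os.path.join(wk, d))
        for rel in ("acme-challenge/token123", "pki-validation/index.php",
                    "login/index.html", "security.txt"):
            with open(os.path.join(wk, *rel.split("/")), "w") as fh:
                fh.write("constructed sample\n")
        return audit_well_known(root)


if __name__ == "__main__":
    for path, reason in demo():
        print(f"{reason}: {path}")
```

Run against each account's document root on a schedule and compare the output with the previous run, so that a new entry stands out even when hidden files are not shown in the file manager.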