Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...
Morning Overview on MSN

A cPanel flaw exploited since February just gave hackers root access to 1.5 million websites

If your website runs on shared hosting, there is a reasonable chance it sits on a server managed by cPanel, the control panel ...

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ...
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.

cPanel/WHM: Unauthorized access to web server configuration tool possible

Attackers can exploit a “ critical ” security vulnerability in the cPanel and WebHost Manager (WHM) web server administration ...
NewsBytes

Critical cPanel WHM flaw CVE-2026-41940 allows hackers access, customers urged

A newly discovered bug in cPanel and WebHost Manager (WHM) software is being actively exploited by hackers, potentially ...

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be exploited to obtain access to the control panel without authentication.