The Hacker News

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...
Dark Reading

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

The authentication-bypass flaw has multiple proof-of-concept exploits, and one researcher claims there's been zero-day ...

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

Perhaps the worst part is that early signals from defenders, such as KnownHost CEO Daniel Pearson, suggest it may have been ...

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ...

cPanel drops patches for exploited authentication bypass zero-day

Web hosting software vendor cPanel has issued patches for a critical vulnerability in its software that is under exploitation ...
Hosted on MSN

Hackers still exploiting cPanel flaw despite mass patching

A critical authentication bypass flaw in cPanel and WHM, CVE-2026-41940, continues to be exploited globally despite emergency patches released April 28. While compromised instances have dropped from ...