Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Panel patched three vulnerabilities, including two 8.8 CVSS flaws, reducing risks of code execution and privilege escalation.
The authentication-bypass flaw has multiple proof-of-concept exploits, and one researcher claims there's been zero-day ...
CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting ...
A critical vulnerability in cPanel and WHM, tracked as CVE-2026-41940, allows attackers to bypass authentication and gain full server access. It may have been actively exploited since late February, ...
A newly discovered bug in cPanel and WebHost Manager (WHM) software is being actively exploited by hackers, potentially affecting tens of millions of websites worldwide.
Morning Overview on MSN
CPanel’s state-backed attackers are now targeting government servers in Southeast Asia and military networks in the Philippines
Somewhere on a rack in a government data center in Southeast Asia, a cPanel login screen is almost certainly still waiting ...
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow ...
A critical security vulnerability affecting widely used web hosting software cPanel has prompted urgent calls for administrators to update their systems, amid reports of active ...
Patch now! Attackers worldwide are exploiting a critical security vulnerability in cPanel/WHM. Security updates are available ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results