Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
Morning Overview on MSN

A critical cPanel flaw just tore into government websites in Guam — the same bug now ...

A critical vulnerability in cPanel, the web-hosting control panel used to manage an estimated millions of servers worldwide, has been exploited to breach government websites in Guam. The flaw, tracked ...
Bleeping Computer

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. It is ...
来自MSN

CPanel’s state-backed attackers are now targeting government servers in Southeast Asia ...

Somewhere on a rack in a government data center in Southeast Asia, a cPanel login screen is almost certainly still waiting for a patch that should have been applied weeks ago. That delay is exactly ...
Bleeping Computer

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ransomware attacks. This week, an emergency update for WHM and cPanel was ...