Dark Reading

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

The authentication-bypass flaw has multiple proof-of-concept exploits, and one researcher claims there's been zero-day ...

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...