Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication ...

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...
The Hacker News

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.
GovInfoSecurity

Attacks Surge Against Vulnerable cPanel and WHM Software

Tens of thousands of online dashboards controlling servers and web hosting accounts appear to have been compromised by ...

New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.
Martin Cid Magazine

A new cPanel bug let attackers walk into 70 million websites without a password

A critical authentication bypass in cPanel and WHM let attackers walk through the front door of any internet-facing control ...
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...
Hosted on MSN

cPanel zero-day exploited for months before critical patch

A critical authentication bypass flaw in cPanel & WHM, tracked as CVE-2026-41940, has been actively exploited as a zero-day since February 2026, allowing attackers full administrative access to ...