Critical cPanel exploited: 'Millions' of sites could be hit

Critical cPanel exploited: 'Millions' of sites could be hit

: Exploitation was underway before patches landed, at least one victim reports ransomware demand

Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites

Hackers are actively exploiting a critical cPanel and WHM vulnerability, tracked as CVE-2026-41940, that allows remote attackers to bypass the login screen and gain full administrative access to affected web servers. Major hosts including Namecheap, HostGator, and KnownHost have taken mitigation steps or patched systems, but cPanel is urging all customers and web hosts to update immediately because the software is widely used across millions of …

First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed

Exploitation was underway before patches landed, at least one victim reports ransomware demand CISA has added a critical cPanel bug to its known-exploited list, confirming that attackers are already poking holes in one of the internet’s most widely used hosting stacks.… This article has been indexed from The Register – Security Read the original article: First reports come in of victims of critical cPanel vuln as ‘millions’ of sites potentiall…