The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack ...
The Washington Post

3 simple ways to reduce your body’s exposure to plastic chemicals

When it comes to plastic-related particles and chemicals, people often feel helpless and overwhelmed. Plastic contamination feels so pervasive, inevitable and frustrating, especially since the ...
The Hacker News

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The ...
TechCrunch

Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites

Nearly a week after the makers of the popular web server management software cPanel and WebHost Manager (WHM) alerted users of a critical flaw in its software, hackers are now mass-compromising ...
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access. More than 40,000 servers have likely been compromised as attackers ramp up exploitation of a ...
Dark Reading

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

A critical authentication bypass flaw in cPanel software products has come under heavy exploitation from a variety of threat actors shortly after public disclosure, putting millions of websites at ...
Bleeping Computer

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ransomware attacks. This week, an emergency update for WHM and cPanel was ...
cybernews

Critical cPanel bug exposes millions of websites to full server takeover

A critical vulnerability in cPanel and WHM, tracked as CVE-2026-41940, allows attackers to bypass authentication and gain full server access. It may have been actively exploited since late February, ...
theregister

First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially ...

CISA has added a critical cPanel bug to its known-exploited list, confirming that attackers are already poking holes in one of the internet's most widely used hosting stacks. The vulnerability, ...
IT News For Australia Business

cPanel drops patches for exploited authentication bypass zero-day

Web hosting software vendor cPanel has issued patches for a critical vulnerability in its software that is under exploitation and that allows attackers to bypass authentication. The flaw, indexed as ...
TechCrunch

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Security researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). The bug allows hackers to hijack and ...
theregister

Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain root access to servers managed using it. Given that cPanel and ...