The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
SecurityWeek

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.

New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.
SecurityWeek

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.
GhanaWeb - Ghana HomePage

cPanel Bug: What Ghanaian Web Hosts Need to Know Now

A serious cPanel security flaw lets hackers take over websites. Here's what it means for Ghanaian small businesses and web ...

cPanel drops patches for exploited authentication bypass zero-day

Web hosting software vendor cPanel has issued patches for a critical vulnerability in its software that is under exploitation ...