Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting ...

Over 40,000 servers have likely been compromised in ongoing attacks targeted at a recently patched cPanel zero-day.

The authentication-bypass flaw has multiple proof-of-concept exploits, and one researcher claims there's been zero-day ...

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ...

Panel CVE-2026-41940 exploited within 24 hours, enabling 44,000 IP attacks and data breaches across global networks.

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication ...

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.

A critical authentication bypass flaw in cPanel and WHM, CVE-2026-41940, continues to be exploited globally despite emergency patches released April 28. While compromised instances have dropped from ...

CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after ...