A bug in popular cPanel, WHM, and WP Squared software has reportedly been exploited since Feb.; CISA gives it a 9.8 CVSS score, tells agencies to patch by May 3
Federal agencies have until May 3 to resolve a security issue impacting a critical system for server and website management.
The Record · Jonathan Greig
Related Coverage
- First reports come in of victims of critical cPanel vuln as ‘millions’ of sites potentially exposed The Register · Carly Page
- The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) watchTowr Labs · Sina Kheirkhah
- Hackers are actively exploiting a bug in cPanel, used by millions of websites TechCrunch · Zack Whittaker
- Critical cPanel and WHM bug exploited as a zero-day, PoC now available BleepingComputer · Bill Toulas
- cPanel's authentication bypass bug is being exploited in the wild, CISA warns CyberScoop · Greg Otto
- CVE-2026-41940: cPanel & WHM Authentication Bypass Rapid7
- Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access Hackread · Deeba Ahmed
- cPanel drops patches for exploited authentication bypass zero-day iTnews · Juha Saarinen
- Alert - AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940 Canadian Centre for Cyber Security
- Hackers Are Actively Exploiting a Bug In cPanel, Used By Millions of Websites Slashdot · BeauHD
- CISA Adds One Known Exploited Vulnerability to Catalog CISA
- cPanel zero-day exploited for months before patch release (CVE-2026-41940) Help Net Security · Zeljka Zorz
- ‘The Internet is falling down’: Critical cPanel CRLF injection vulnerability puts tens of millions of websites at risk of total compromise … TechRadar · Benedict Collins
- Attacks Surge Against Vulnerable cPanel and WHM Software InfoRiskToday.com · Mathew J. Schwartz
- Urgent Security Update for cPanel VPS/DS (CVE-2026-41940) Namecheap Status · Ernest S.
- Critical CPanel & WHM Vulnerability Exploited As Zero-Day For Months SecurityWeek · Ionut Arghire
- Critical cPanel zero-day auth bypass exploited since February CyberInsider · Alex Lekander
- CVE-2026-41940: Critical cPanel Authentication Bypass Exposes Hosting Systems The Cyber Express · Ashish Khaitan
- Windows shell spoofing vulnerability puts sensitive data at risk Computerworld · Maxwell Cooter
Discussion
- r/cybersecurity on reddit: Hackers are actively exploiting a bug in cPanel, used by millions of websites
- @theo on x: cPanel, lightning (on PyPi), and intercom-client (on npm) were all pwn'd in the last 24 hours. We also had a brutal Linux zero day go public. I fear this is only the beginning.
- Lukáš Hozda (@lukashozda) on x: It's been so many years since I last touched cPanel. As a kid, I thought that's how every website was made. On a thing managed with cPanel
- @wazzcrypto on x: cPanel and WHM exploit that affects every supported version and lets anyone become root admin without a password. This is like a 9/11 + Pearl Harbor for the web hosting industry
- @pirat_nation on x: Hackers are actively exploiting a critical vulnerability in cPanel and WHM known as CVE-2026-41940. This authentication bypass allows attackers to gain full admin access to web servers without needing any login information, the issue affects all currently supported versions of [i…
- @icesolst on x: Holy shit how is cPanel still in use It was released the same month as ActiveX (1996) and should have died with it. But I guess you can't decommission a web admin portal as easily. [image]
- @vxunderground on x: > new cpanel cve thingie > proof of concept released > neat > check on internet degenerates > tons of united states gov thingies compromised > tax places compromised > another day of internet schizophrenia [video]