Skip to content
The Nexus
DossierENTITY

cPanel

Coverage of cPanel in the Nexus archive.

Earliest in view: Apr 29 · 09:37 UTCMost recent: May 11 · 17:54 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 11 · 17:54 UTCTHE HACKER NEWS
    cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

    A threat actor named Mr_Rot13 is exploiting a cPanel vulnerability to deploy a backdoor called Filemanager, leveraging CVE-2026-41940 to bypass authentication and gain elevated control. The vulnerability affects cPanel and WebHost Manager, allowing remote attackers to compromise environments. This active exploitation poses a significant security risk.

  • SECURITYMay 9 · 17:06 UTCHACKER NEWS
    CPanel's Black Week: 3 New Vulnerabilities Patched After Attack on 44k Servers

    CPanel experienced a series of vulnerabilities resulting in a ransomware attack on 44,000 servers, which have since been patched with three new security fixes. The attack highlights concerns over server security and the importance of regular updates. CPanel's response to the issue has been prompt, but the incident raises questions about potential future vulnerabilities.

  • SECURITYMay 9 · 07:16 UTCTHE HACKER NEWS
    cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

    cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The vulnerabilities include CVE-2026-29201 with a CVSS score of 4.3. Users are advised to patch now to prevent potential attacks.

  • SECURITYMay 4 · 19:14 UTCDARK READING
    Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

    A critical vulnerability in cPanel has been disclosed, allowing for authentication-bypass and potentially threatening millions. Multiple proof-of-concept exploits have appeared, with claims of zero-day activity for at least a month. The flaw poses a significant security risk to users.

  • SECURITYMay 4 · 18:02 UTCTECHCRUNCH
    Hackers are still exploiting the cPanel bug to gain control of thousands of websites

    Hackers are exploiting a critical vulnerability in cPanel and WHM to gain control of thousands of websites, despite the bug being disclosed days ago. The vulnerability is still being targeted by hackers, who are hacking websites. This ongoing issue affects popular web hosting software.

  • SECURITYMay 4 · 09:27 UTCTHE HACKER NEWS
    Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

    A previously unknown threat actor is targeting government and military entities in Southeast Asia by exploiting a cPanel vulnerability, alongside managed service providers and hosting providers in several countries. The activity was detected on May 2, 2026, and involves exploiting a recently disclosed vulnerability. This affects networks in the Philippines, Laos, Canada, South Africa, and the U.S.

  • SECURITYMay 2 · 21:54 UTCBLEEPING COMPUTER
    Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

    A critical cPanel vulnerability (CVE-2026-41940) is being widely exploited for 'Sorry' ransomware attacks, leading to website breaches and data encryption. The flaw allows attackers to breach systems and encrypt data, resulting in ransomware incidents.

  • SECURITYMay 1 · 16:20 UTCRECORDED FUTURE NEWS
    Federal agencies must patch cPanel bug by Sunday, CISA says

    CISA has mandated federal agencies to patch the cPanel vulnerability CVE-2026-41940 by Sunday. Rapid7's incident responders warned that successful exploitation allows attackers full control over cPanel systems, configurations, databases, and managed websites.

  • SECURITYMay 1 · 13:10 UTCTHE REGISTER
    First reports come in of victims of critical cPanel vuln as 'millions' of sites potentially exposed

    A critical vulnerability in cPanel, a widely used hosting stack, is being actively exploited, with reports of ransomware demands emerging before patches were released. CISA has added the flaw to its list of known-exploited vulnerabilities, highlighting the risk to millions of websites.

  • SECURITYApr 30 · 22:48 UTCHACKER NEWS
    The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940

    A critical authentication bypass vulnerability, CVE-2026-41940, has been discovered in CPanel/WHM, allowing attackers to bypass login screens and gain unauthorized access. The flaw, reported by Watchtowr Labs, has sparked widespread concern about server security.

  • SECURITYApr 30 · 20:49 UTCCYBERSCOOP
    cPanel’s authentication bypass bug is being exploited in the wild, CISA warns

    cPanel's authentication bypass vulnerability (CVE-2026-41940) is being actively exploited, affecting all supported versions since 11.40 and WP Squared. CISA added it to its KEV list, while cPanel released a patch addressing the flaw, which allows attackers to inject malicious data during login to bypass authentication.

  • SECURITYApr 30 · 19:36 UTCTECHCRUNCH
    Hackers are actively exploiting a bug in cPanel, used by millions of websites

    Hackers are actively exploiting a critical vulnerability in cPanel, a web hosting platform used by millions of websites. Web hosts are urgently working to address the issue, with one company reporting that the bug has been abused by attackers for months.

  • SECURITYApr 30 · 11:40 UTCBLEEPING COMPUTER
    Critical cPanel and WHM bug exploited as a zero-day, PoC now available

    A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, WHM, and WP Squared is being actively exploited in the wild as a zero-day attack, with proof-of-concept (PoC) code now available. The flaw has been leveraged since late February, highlighting urgent security risks for users of these platforms.

  • SECURITYApr 30 · 10:14 UTCTHE REGISTER
    Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day

    A critical vulnerability in cPanel and WHM allows attackers to bypass authentication and gain root server access, with emergency patches now available. The flaw, likely exploited as a 0-day, affects millions of domains managed through the platform.

  • SECURITYApr 29 · 15:51 UTCBLEEPING COMPUTER
    cPanel, WHM emergency update fixes critical auth bypass bug

    A critical vulnerability in cPanel and WHM allows unauthorized access to the control panel. An emergency update has been released to address this issue.

  • SECURITYApr 29 · 09:37 UTCTHE HACKER NEWS
    Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

    cPanel has released security updates to address a critical authentication vulnerability affecting all supported versions of its control panel software. The flaw could allow attackers to gain unauthorized access, and users are urged to update immediately to the specified patched versions.

cPanel · Dossier · The Nexus