This page collects WhisperX intelligence signals tagged #cpanel. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Security teams are racing to apply emergency patches after a critical authentication bypass vulnerability in cPanel and WebHost Manager (WHM) was identified and likely actively exploited in the wild. The flaw grants attackers root-level server access, potentially compromising the millions of domains managed through the...
Security teams at web hosting providers are racing to patch a critical vulnerability in cPanel, the widely deployed web hosting control panel, after researchers confirmed that threat actors are actively exploiting the flaw in the wild. The scale of exposure is significant: cPanel powers millions of websites and server ...
A critical authentication bypass vulnerability, CVE-2026-41940, has been identified in WebPros cPanel & WHM (versions 11.40 through 136.x) and WP2 WordPress Squared (prior to 136.1.7), triggering urgent patching efforts across web hosting environments. The flaw, classified as CWE-306 (Missing Authentication for Critica...
A critical vulnerability in cPanel, one of the internet's most widely deployed web hosting control panels, is now confirmed under active exploitation with at least one victim reporting a ransomware demand. Security researchers and federal authorities have raised alarm over the timing of the attacks, which began before ...
Eine kritische Sicherheitslücke in cPanel wird aktiv von Angreifern ausgenutzt, um Ransomware auf Webportale zu schleusen. Betreiber von Webdiensten stehen unter Druck, ihre Installationen umgehend auf Kompromittierungen zu prüfen. Die Schwachstelle erlaubt es Unbefugten, Schadcode in verwaltete Webseiten einzuschleuse...
Security researchers are tracking an active campaign targeting a critical vulnerability in cPanel and WHM, the widely deployed web hosting control panel software. Days after the flaw entered public disclosure, threat actors have moved swiftly to exploit the weakness, gaining the ability to seize control of affected web...
Security researchers at Ctrl-Alt-Intel have identified an active campaign exploiting a recently patched vulnerability in cPanel, the widely deployed web hosting control panel. The operation, detected on May 2, 2026, primarily targets government and military infrastructure across Southeast Asian nations. A secondary clu...
A high-severity vulnerability tracked as CVE-2026-29203 (CVSS 8.8) has been disclosed in cPanel's Nova plugin, exposing a symlink-following flaw that could allow authenticated users to manipulate root-level permissions on arbitrary system files. The vulnerability resides in the Cpanel::Nova::Connector component, where ...
Two high-severity security developments emerged overnight, exposing critical infrastructure risks across hosting platforms and educational technology. cPanel and WHM released emergency patches for three vulnerabilities, including remote code execution (RCE) and privilege escalation flaws—weaknesses that could allow att...
Three critical zero-day vulnerabilities are under active exploitation, with cPanel & WHM emerging as the most severe incident: a zero-day flaw has been mass exploited, potentially compromising more than 40,000 servers worldwide. The scale of the cPanel attack positions this as one of the most significant web hosting in...
cPanel, one of the most widely used web hosting control panels globally, has released emergency patches for three newly discovered vulnerabilities following a ransomware attack that compromised approximately 44,000 servers. The timing of the disclosures and the scale of the breach have intensified scrutiny on the platf...
cPanel, one of the most widely used web hosting control panels globally, has patched three newly discovered vulnerabilities following what security observers are calling its "Black Week"—a ransomware campaign that compromised approximately 44,000 servers. The scale of the incident has sent shockwaves through the hostin...
Security researchers are tracking an active cryptojacking campaign that has compromised cPanel/WHM servers by exploiting a recent authentication bypass vulnerability. The attacker gained root-level access and established persistence through a backdoor account named "pakchoi" with root group (GID 0) privileges, using it...
A critical vulnerability in cPanel and WebHost Manager (WHM) designated CVE-2026-41940 is under active exploitation by a threat actor identified as Mr_Rot13, who is deploying a backdoor named Filemanager on compromised servers. The flaw enables authentication bypass, granting remote attackers elevated control over web ...