Bleeping Computer

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. It is ...
Dark Reading

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

A critical authentication bypass flaw in cPanel software products has come under heavy exploitation from a variety of threat actors shortly after public disclosure, putting millions of websites at ...
heise online

cPanel/WHM: Unauthorized access to web server configuration tool possible

Attackers can exploit a “critical” security vulnerability in the cPanel and WebHost Manager (WHM) web server administration software to gain unauthorized access. So far, there are no reports of ...