Pirat_Nation 🔴 (@Pirat_Nation) “Hackers are actively exploiting a critical vulnerability in cPanel and WHM known” — TopicDigg

Hackers are actively exploiting a critical vulnerability in cPanel and WHM known as CVE-2026-41940. This authentication bypass allows attackers to gain full admin access to web servers without needing any login information, the issue affects all currently supported versions of cPanel and WHM. The flaw has been under active attack since February 2026 and presents a major threat to shared hosting providers and the millions of websites they host. Attackers could steal data, install malware, or take over entire servers. cPanel released security patches on April 28 and recommends updating immediately. Many large hosting companies such as HostGator and Namecheap have already deployed the fix. If your server runs cPanel, apply the update now or contact your host to make sure you are protected.