"Cybercriminals are exploiting a recently discovered vulnerability in cPanel and WebHost Manager on a large scale, allowing attackers to gain full control of unpatched systems."
"The vulnerability, registered as CVE-2026-41940, is now on the U.S. Cybersecurity and Infrastructure Security Agency (CISA) list of actively exploited security issues."
"Security researchers observed that attackers were actively exploiting the vulnerability to gain access to server control panels, allowing them to take over and modify websites."
"Some websites are now functioning normally again, suggesting that administrators have intervened to address the ransomware-like tactics being employed."
A significant vulnerability in cPanel and WebHost Manager has been exploited by cybercriminals, allowing full control over unpatched systems. Despite a fix being released, many servers remain vulnerable. Over 550,000 servers are potentially at risk, while compromised installations have decreased from 44,000 to about 2,000. The vulnerability, CVE-2026-41940, is listed by CISA as actively exploited. Security researchers noted ransomware-like tactics being used, with some websites displaying messages about encrypted files. Earlier signs of exploitation suggest the issue was known before public disclosure.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]