"As of Monday there are more than 550,000 potentially vulnerable servers running cPanel, a number that has remained stable for days. And there are now around 2,000 cPanel instances likely compromised, down from around 44,000 on Thursday."
"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that the vulnerability - tracked as CVE-2026-41940 - was being exploited in the wild, and added it to its Known Exploited Vulnerabilities (KEV) catalog."
"Executives at KnownHost detected attacks as far back as February 23, indicating that the exploitation of the vulnerability may have begun well before it was publicly disclosed."
A critical flaw in cPanel and WHM software has left over 550,000 servers vulnerable to attacks. As of Monday, around 2,000 instances are likely compromised. Hackers have exploited a bug allowing full control of servers. Google indexed websites displaying messages from hackers claiming to have encrypted files. The U.S. Cybersecurity and Infrastructure Security Agency warned about the vulnerability, urging government agencies to patch their systems. Attacks may have started earlier than the public disclosure, with some companies detecting them as early as February 23.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]