CVE-2026-48172 lets cPanel users run scripts as root, affecting LiteSpeed plugin 2.3–2.4.4 and exposing servers.
Morning Overview on MSN
A critical cPanel zero-day just tore into the Government of Guam’s websites — the same flaw now spreading across hosting servers worldwide
Government websites across Guam went dark this week after attackers exploited a previously unknown flaw in cPanel, the ...
Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.
CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting and hacking websites.
Morning Overview on MSN
CPanel’s state-backed attackers are now targeting government servers in Southeast Asia and military networks in the Philippines
Somewhere on a rack in a government data center in Southeast Asia, a cPanel login screen is almost certainly still waiting ...
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow ...
Hackers continue targeting thousands of websites using vulnerable cPanel software, exploiting a critical flaw that allows ...
Security researchers have identified a critical flaw in cPanel and WebHost Manager that could allow attackers to bypass authentication and gain full control ...
The popular cPanel web hosting server control panel software recently issued a patch to fix a critical flaw in the log4j Java library discovered in part of the software used for email. The ...
Attackers can attack cPanel and WebHost Manager with malicious code, among other things. Security patches are available.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results