Hackers are still exploiting the cPanel bug to gain control of thousands of websites
By Lorenzo Franceschi-Bicchierai
Published on May 4, 2026.
The makers of the popular web server management software cPanel and WebHost Manager (WHM) have alerted users of a critical flaw in their software, which allows hackers to gain control of thousands of websites using the vulnerable software. As of Monday, there are over 550,000 potentially vulnerable servers running cPanel, a number that has remained stable for days. There are now around 2,000 instances likely compromised, down from around 44,000 on Thursday. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that the vulnerability, identified as CVE-2026-41940, is being exploited in the wild and added it to its Known Exploited Vulnerabilities (KEV) catalog. The attacks likely have been ongoing since much earlier than the vulnerability was disclosed.
Related Articles
Don't pay scalper prices for a Steam Controller
Valve's Steam Controller, redesigned by Valve, is a hot topic for sale, but shouldn't buy from scalper scalper websites, despite current supply shortages and inflated prices.
Image AI models now drive app growth, beating chatbot upgrades
Image model releases are driving 6.5 times more downloads for AI mobile apps like ChatGPT and Gemini, outpacing chatbot upgrades, though such changes don't necessarily result in significant revenue increases.
Katie Haun raises $1 billion for new venture funds
Former Andreessen Horowitz employee Katie Haun has raised $1 billion to fund startups and enhance her portfolio, including "Ethic" for the first time.